Conference Paper

Abstract

Fog Computing is an area of Computer Science that is under constant construction and evolution, and in conjunction with information security, the paradigm becomes more reliable and secure for IoT’s edge platforms. The authentication of restricted memory devices has major problems because memory consumption is high when applied with other models that have the purpose of mutual authentication. This article proposes an authentication model that validates mutually the parties in an Internet of Things environment applied in the context of Fog Computing. Through the hypothetico-deductive methodology, the deductions and hypotheses are presented for the formal proof of the new proposed method. The results achieved in the research show that the approach of the authentication mechanism is optimized, the prototype was validated in the AVISPA protocol evaluation tool and in a restricted memory controlled environment in a context of Fog and Cloud Computing.
6/20/19, 9:45 AM. Mutual Authentication for IoT in the Context of Fog Computing - IEEE Conference Publication
Page 1 of 6. https://ieeexplore.ieee.org/document/8711402/references#references
Leandro Loffi ; Carla Merkle Westphall ; Lukas Detner Grüdtner ; Carlos B
Mutual Authentication for IoT in the Context of Fog Computing
Publisher: IEEE
Published in: 2019 11th International Conference on Communication Systems &
Networks (COMSNETS)
Abstract:
The authentication of restricted memory devices has major problems because memory
consumption is high when applied with other protocols that have the purpose of mutual
authentication. This article proposes an authentication model that validates mutually the
parties in an Internet of Things environment applied in the context of Fog Computing.
Through the hypothetic-deductive methodology, the deductions and hypotheses are
presented for the formal proof of the new proposed method. The results achieved in the
research show that the approach of the authentication mechanism is optimized, the
prototype was validated in the AVISPA protocol evaluation tool and in a restricted
memory controlled environment in a context of Fog Computing. However, this work is
more appropriate in Fog Computing environments because there are no route changes
as in Cloud Computing.
Link to download the paper:
https://ieeexplore.ieee.org/document/8711402/references#references
Date of Conference: 7-11 Jan. 2019
Date Added to IEEE Xplore: 13 May 2019
INSPEC Accession Number: 18672211
DOI: 10.1109/COMSNETS.2019.8711402
Publisher: IEEE
Conference Location: Bengaluru, India
I. Introduction
The evolution of Internet-connected devices has allowed the creation of a network of
intelligent objects. Each object can send and receive data between the
real world and the Internet, thus forming a network of things, or Internet of Things
(IoT). An IoT network is mainly characterized by devices that form a
network of sensors and actuators [1]. These devices must have adequate security
measures to provide trust in the use of the collected data.
References
1. F. Xia, L. T. Yang, L. Wang, A. Vinel, "Internet of things", International Journal of Communication Systems, vol. 25, no. 9, pp. 1101-1102, 2012.
2. B. Schneier, Applied cryptography: protocols algorithms and source code in C, John Wiley & Sons, 2007.
3. P. Hu, H. Ning, T. Qiu, Y. Xu, X. Luo, A. K. Sangaiah, "A unified face identification and resolution scheme using cloud computing in internet of things", Future Generation Computer Systems, vol. 81, pp. 582-592, 2018.
4. P. Gope, R. Amin, S. H. Islam, N. Kumar, V. K. Bhalla, "Lightweight and privacy-preserving rfid authentication scheme for distributed iot infrastructure with secure localization services for smart city environment", Future Generation Computer Systems, 2017.
5. S. Piramuthu, R. Doss, "On sensor-based solutions for simultaneous presence of multiple rfid tags", Decision Support Systems, vol. 95, pp. 102-109, 2017.
6. A. Tewari, B. Gupta, "Cryptanalysis of a novel ultra-lightweight mutual authentication protocol for iot devices using rfid tags", The Journal of Supercomputing, vol. 73, no. 3, pp. 1085-1102, 2017.
7. K.-H. Wang, C.-M. Chen, W. Fang, T.-Y. Wu, "On the security of a new ultra-lightweight authentication protocol in iot environment for rfid tags", The Journal of Supercomputing, vol. 74, no. 1, pp. 65-70, 2018.
8. N. Li, D. Liu, S. Nepal, "Lightweight mutual authentication for iot and its applications", IEEE Transactions on Sustainable Computing, vol. 2, no. 4, pp. 359-370, 2017.
9. M. H. Ibrahim, "Octopus: An edge-fog mutual authentication scheme", IJ Network Security, vol. 18, no. 6, pp. 1089-1101, 2016.
10. M. A. Jan, F. Khan, M. Alam, M. Usman, "A payload-based mutual authentication scheme for internet of things", Future Generation Computer Systems, 2017.
11. F. Wu, X. Li, L. Xu, S. Kumari, A. K. Sangaiah, "A novel mutual authentication scheme with formal proof for smart healthcare systems under global mobility networks notion", Computers & Electrical Engineering, vol. 68, pp. 107-118, 2018.
12. P. M. Kumar, U. D. Gandhi, "Enhanced dtls with coap-based authentication scheme for the internet of things in healthcare application", The Journal of Supercomputing, pp. 1-21, 2017.
13. R. Amin, N. Kumar, G. Biswas, R. Iqbal, V. Chang, "A light weight authentication protocol for iot-enabled devices in distributed cloud computing environment", Future Generation Computer Systems, vol. 78, pp. 1005-1019, 2018.
14. M. Wazid, A. K. Das, M. K. Khan, A. A.-D. Al-Ghaiheb, N. Kumar, A. V. Vasilakos, "Secure authentication scheme for medicine anti-counterfeiting system in iot environment", IEEE Internet of Things Journal, vol. 4, no. 5, pp. 1634-1646, 2017.
15. A. Armando, D. Basin, J. Cuellar, M. Rusinowitch, L. Viganò, "Avispa: automated validation of internet security protocols and applications", ERCIM News, vol. 64, 2006.
16. V. Odelu, A. K. Das, A. Goswami, "A secure biometrics-based multi-server authentication protocol using smart cards", IEEE Transactions on Information Forensics and Security, vol. 10, no. 9, pp. 1953-1966, 2015.
... [2] The solution proposed in this paper aims to provide an end-to-end security service to the middleware architecture and for the contributors who upload sensing data from IoT devices to cloud. Leandro Loffi, Carla Merkle Westphall, Lukas Derner Grüdtner, Carlos Becker Westphall [3] The proposed scheme is aimed to provide an authentication scheme which verifies mutually in an IoT environment applied with the help of Fog Computing. ...
... In [3], the author proposes a new model to ensure the coherence of IoT contexts using Fog Computing into two processes: Hand Shaking and authorizing facts sections. During the handshake three things are analyzed to make sure Nonce, Challenge response and response time work. ...
... A malicious fog server may act as a legitimate fog server, and may pretend to be a fog user to connect to the fog [18], [22], [17]. Once connected, it can manipulate incoming and outgoing requests to the cloud, collect user data, etc. ...
Preprint
An identity preserving mutual authentication scheme between fog users and fog servers is an important and challenging issue in fog computing, because unlike cloud servers, fog servers and fog users may be malicious. Such a scheme should retain the true identity of the user from the opponent, because otherwise, the opponent will be able to track which fog user and fog server are communicating. This article proposes a safe and effective anonymous mutual authentication scheme between the fog user and the fog server at the edge of the network. In our solution, with the help of the registration authority (RA), they can authenticate each other and agree on a new session key, which will be used to encrypt messages in the session. Fog users can roam freely in the network and can authenticate to any fog server within its range without re-registering with RA. The proposed scheme requires few symmetric encryption/decryption and one-way hash functions, so that it can be efficiently implemented for resource-constrained fog user’s devices. The performance of the proposed scheme is compared with the existing scheme, in which the proposed scheme can withstand multiple attacks (known plaintext attacks, man-in-the-middle attacks, session hijacking, etc.). Finally, the proposed scheme is verified using the widely accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The results show that our protocol can safely resist various attacks and can achieve the expected goals. Moreover, the proposed scheme is practically experimented using the NS3 simulator.
... A new mutual authentication method of IoT devices in fog environment proposed in [12]. The handshake step in the proposed method is similar to that used in TLS protocol. ...
... In [24] introduced a new mutual authentication in IoT networks for the fog computing contexts. Although, the authentication model's speed is notable, it applies the AES algorithm [25] which has low performance on IoT devices for data encryption and needs to be improved using TLS cipher suites. ...
Article
The Internet of Things (IoT) has converged with Cloud computing to provide comprehensive services to users in different places. However, with the exponential growth of smart devices connected to the Internet, Cloud computing has severe challenges, especially for applications that require low-latency and real-time processing. Therefore, the Fog computing paradigm emerged that is more compatible with the IoT, in which events are processed near where they occurred for practical and quick response time. Authentication is an essential issue for fog computing security since fog gateways and IoT devices are subject to many attacks. The main problem to provide authentication between IoT devices is that they have limited resources and computational processing. On the one hand, certificate-based authentication algorithms are secure but they are heavy for IoT devices. On the other hand, Pre-shared authentication algorithms such as PSK are suitable for low resource devices but are not widely used due to their low security. Therefore, this paper proposes to use the Ephemeral Elliptic Curve Diffie–Hellman (ECDHE) key exchange algorithm along with the Pre-Shared Key (PSK) as a lightweight and secure authentication scheme between the fog gateway and IoT device based on the Message Queuing Telemetry Transport (MQTT) publish–subscribe protocol in a distributed fog computing architecture. The proposed ECDHE-PSK authentication scheme uses Ephemeral Pre-shared key instead of heavy certificates that is very lightweight and also provides Perfect Forward Secrecy (PFS) feature to enhance security in comparison with the static PSK algorithm. To evaluate the resource consumption and security resistance of the proposed scheme it was implemented on the real test environment and then was compared with two state-of-the-art certificate-based authentication schemes and a static PSK-based scheme. The comprehensive performance and security evaluations showed that in the distributed publish–subscribe fog computing architecture the proposed ECDHE-PSK is almost as light as the PSK algorithm while having all security features of certificate-based algorithms.
... Considering that, when fog computing is applied, the fog gateway is the main device, because usually, it processes, analyses and stores the smart devices collected data. Providing security for those environments is a current technological and research challenge [5]. ...
Conference Paper
Internet of things (IoT) and Fog computing applications deal with sensitive data and need security tools to be protected against attackers. CoAP (Constrained Application Protocol), combined with DTLS (Datagram Transport Layer Security), provides security to IoT/Fog applications. However, processing times need to be considered when using this combination due to IoT/Fog environment constraints. Our work presents a CoAP with DTLS application and analyzes the performance of Raspberry Pi 3 during DTLS handshakes, data encryption and data decryption with the most relevant cipher suites. The performance of confirmable and non-confirmable CoAP POST requests is also measured and discussed in our work. We discovered that cipher suites that use RSA as an authentication method on handshake are slightly faster than cipher suites that use ECDSA, while symmetric key encryption with AES256(128)GCM are 40% faster than AES256(128) default modes. Our study also suggests CoAP modifications to obtain higher efficiency, and it might help future IoT/Fog application developers to understand CoAP and DTLS union, providing an application example and performance metrics.
Article
The fog assisted‐Internet of Things (IoT) enabled network has been a novel topic in recent years. With the rapid development of the IoT, it is imperative to accomplish security in the fog computing environment. The surface for cryptographic attacks is expanded since the fog node can analyze, store, and process data between cloud and IoT device. This article proposes elliptic curve cryptography (ECC) based mutual authentication and key agreement scheme to support secure communication between device and fog server. In this work, we have formally analyzed the proposed scheme using the most widely accepted automated validation of Internet security protocols and application (AVISPA) tool. The informal security analysis of the proposed scheme shows that the proposed method is robust against several attacks. The performance analysis has been evaluated in terms of computation and storage overhead. The security and performance analysis with theoretical proof indicates that proposed scheme attains better security than related schemes.
Article
The onboard diagnostic system (OBD) is almost standard on every modern vehicle. By exploiting the availability of wireless OBD dongles, vehicles can be assessed by the transportation authority and drivers to ensure compliance with emissions regulations. A vehicle’s OBD system can be remotely accessed by a fog node to retrieve a variety of the vehicle’s internal status and sensor readings. Such information can be shared with the transportation authority for registration renewal without the need for visiting emission stations. However, such automation comes at the risk of malicious intrusion into the OBD system by an attacker who aims to gain access to a vehicle’s internal network and control the vehicle. This article tackles this serious issue and proposes protocols for mutual authentication and securing the wireless connection between the OBD dongle, fog node, and authority. The robustness of the proposed protocols is verified using the Automated Validation of Internet Security Protocols and Applications (AVISPA) toolset.
Article
Internet of Things (IoT) may be defined as a network of smart devices that are involved in data collection and exchange. This technology has automated the day-to-day jobs and thus made our lives easier. But, real-time analysis of data is not always possible in a typical cloud-IoT architecture, especially for latency-sensitive applications. This led to the introduction of fog computing. On one side, fog layer has the capability of data processing and computation at the network edge and thus provides faster results. But, on the other hand, it also brings the attack surface closer to the devices. This makes the sensitive data on the layer vulnerable to attacks. Thus, considering Fog-IoT security is of prime importance. The security of a system or platform depends upon multiple factors. The order of selection of these factors plays a vital role in efficient assessment of security. This makes the problem of assessment of Fog-IoT security a Multi-Criteria Decision-Making (MCDM) problem. Therefore, the authors have deployed an Interval-Valued Intuitionistic Fuzzy Set (IVIFS) based Analytical Hierarchy Process (AHP) for the said environment. Using this integrated approach, the Fog-IoT security factors and their sub-factors are prioritized and ranked. The results obtained using above hybrid approach are validated by comparing them with Fuzzy-AHP (F-AHP) and Classical-AHP (C-AHP) results and are found to be statistically correlated. The ideology and results of this research will help the security practitioners in accessing the security of Fog-IoT environment effectively. Moreover, the outcome of this analysis will help in paving a path for researchers by shifting their focus towards the most prioritized factor thereby assuring security in the environment.
Conference Paper
The scarcity of spectrum in sub-6 GHz frequency bands to meet projected wireless traffic demands has led to the wireless industry incorporating millimeter-wave technology in the design of next-generation wireless systems. The high path loss of millimeter-wave signals necessitates radios that operate in these frequencies to employ highly directional beams for transmission and reception. The transition from traditional omni-directional transmission and reception to highly directional links has drastic implications on the Medium Access Control (MAC) design, since it shifts the objective of the MAC layer from proactive interference avoidance to transmitter-receiver coordination to achieve beam alignment. In this paper, we present IRIS, a directional MAC protocol for mm-wave ad-hoc mobile networks that achieves this objective. Specifically, the Iris protocol is designed to distributedly coordinate the nodes so that transmitters and their intended receivers align their antenna boresights to establish a physical link between them when required. We establish certain performance guarantees that the Iris protocol provides, and illustrate the design process of a mm-wave ad-hoc MAC based on the Iris protocol.
Article
As health data are very sensitive, there is a need to prevent and control the health data with end-to-end security solutions. In general, a number of authentication and authorization schemes are available to prevent and protect the sensitive data, which are collected with the help of wearable Internet of Things (IoT) devices. The transport layer security (TLS) protocol is designed to transfer the data from source to destination in more reliable manner. This protocol enables a user to overcome the no lost or reordered messages. The more challenge with TLS is to tolerate unreliability. In order to overcome this issue, Datagram transport layer security (DTLS) protocol has been designed and used in low-power wireless constrained networks. The DTLS protocol consists of a base protocol, record layer, handshake protocol, ChangeCipherSpec and alert protocol. The complex issue with the DTLS protocol is the possibility of an attacker could send a number of ClientHello messages to a server. This scenario would cause a denial-of-service (DOS) attack against the server. This DoS attack enables new connection between the attacker and server, increasing attacker bandwidth, and allocation of resources for every ClientHello message. In order to overcome this issue, we have proposed a smart gateway-based authentication and authorization method to prevent and protect more sensitive physiological data from an attacker and malicious users. The enhanced smart gateway-based DTLS is demonstrated with the help of Contiki Network Simulator. The packet loss ratio is calculated for the CoAP, host identity protocol, CoAP-DTLS and CoAP-enhanced DTLS to evaluate the performance of the proposed work. Data transmission and handshake time are also calculated to evaluate the efficiency of the enhanced DTLS.
Article
Recently, Tewari and Gupta proposed an ultra-lightweight mutual authentication protocol in IoT environments for RFID tags. Their protocol aims to provide secure communication with least cost in both storage and computation. Unfortunately, in this paper, we exploit the vulnerability of this protocol. In this attack, an attacker can obtain the key shared between a back-end database server and a tag. We also explore the possibility in patching the system with some modifications.
Article
Smart healthcare is an emergent part in modern telemedical technology. To solve the problem of collecting information from roaming patients, global mobility network (GLOMONET) is a good way for data transferring. It is common sense that wireless circumstance is full of attacks, and the case how to protect the wireless network away from danger attracts researchers. We present a new two-factor authentication scheme for GLOMONETs to vanquish the hazard. Then the formal proof demonstrates that the attacker can crack the session key and the privacy of the scheme with a negligibly higher probability than directly guessing the password. Moreover, according to the informal analysis model, our scheme meets all the security properties. Finally, via performance comparison and network communication simulation by NS-3, our scheme is fit for practicality.
Article
The Internet of Things (IoT) is a vision that broadens the scope of the Internet by incorporating physical objects to identify themselves to the participating entities. This innovative concept enables a physical object to represent itself in the digital world. There have been a lot of speculations and future forecasts about these physical objects connected with the Internet, however, most of them lack secure features and are vulnerable to a wide range of attacks. Miniature sensor nodes, embedded in these physical objects, limit the support for computationally complex and resource-consuming secured algorithms. In this paper, we propose a lightweight mutual authentication scheme for the real-world physical objects of an IoT environment. It is a payload-based encryption scheme which uses a simple four-way handshake mechanism to verify the identities of the participating objects. The real-world objects communicate with each other using the client-server interaction model. Our proposed scheme uses the lightweight features of Constrained Application Protocol (CoAP) to enable the clients to observe resources residing on the server, in an energy-efficient manner. We use Advanced Encryption Standard (AES), with a key length of 128 bits, to establish a secured session for resource observation. We evaluate our scheme for a real-world scenario using NetDuino Plus 2 boards. Our scheme is computationally efficient, incurs less connection overhead and at the same time, provides a robust defence against various attacks such as, resource exhaustion, Denial-of-Service, replay and physical tampering.
Article
The Internet of Things (IoT) provides transparent and seamless incorporation of heterogeneous and different end systems. It has been widely used in many applications including smart cities such as public water system and vehicle traffic control system. In these smart city applications, a large number of IoT devices are deployed that can sense, communicate, compute and potentially actuate. The uninterrupted and accurate functioning of these devices are critical to smart city applications as crucial decisions will be made based on the data received. One of the challenging tasks is to assure the authenticity of the devices so that we can rely on the decision making process with a very high confidence. One of the characteristics of IoT devices deployed in such applications is that they have limited battery power. In this paper, we propose a lightweight mutual authentication protocol based on a novel public key encryption scheme for smart city applications. The proposed protocol takes a balance between the efficiency and communication cost without sacrificing the security. We evaluate the performance of our protocol in software and hardware environments. On the same security level, our protocol performance is significantly better than RSA and ECC based protocols.
Article
A counterfeit drug is a medication or pharmaceutical product, which is manufactured and made available on the market to deceptively represent its origin, authenticity and effectiveness, etc., and causes serious threats to the health of a patient. Counterfeited medicines make an adverse effect on the public health and also cause revenue loss to the legitimate manufacturing organizations. In this paper, we propose a new authentication scheme for medicine anti-counterfeiting system in the Internet of Things (IoT) environment which is used for checking the authenticity of pharmaceutical products (dosage forms). The proposed scheme utilizes the near field communication (NFC) and is suitable for mobile environment, which also provides efficient NFC update phase. The security analysis using the widely-accepted Real-Or-Random (ROR) model proves that the proposed scheme provides the session key (SK) security. The proposed scheme also protects other known attacks which are analyzed informally. Furthermore, the formal security verification using the broadly-accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool shows that the proposed scheme is secure. The scheme is efficient with respect to computation and communication costs, and also it provides additional functionality features when compared to other existing schemes. Finally, for demonstration of the practicality of the scheme, we evaluate it using the broadly-accepted NS-2 simulation.
Article
In the Internet of Things (IoT), identification and resolution of physical object is the crucial technology for authenticating object’s identity, controlling service access, and establishing trust between object and cloud service. With the development of computer vision and pattern recognition technologies, face has been used as a high-security identification and identity authentication method which has been deployed in various applications. Face identification can ensure the consistency between individual in physical-space and his/her identity in cyber-space during the physical-cyber space mapping. However, face is a non-code and unstructured identifier. With the increase of applications in current big data environment, the characteristic of face identification will result in the growing demands for computation power and storage capacity. In this paper, we propose a face identification and resolution scheme based on cloud computing to solve the above problem. The face identification and resolution system model is presented to introduce the processes of face identifier generation and matching. Then, parallel matching mechanism and cloud computing-based resolution framework are proposed to efficiently resolve face image, control personal data access and acquire individual’s identity information. It makes full use of the advantages of cloud computing to effectively improve computation power and storage capacity. The experimental result of prototype system indicates that the proposed scheme is practically feasible and can provide efficient face identification and resolution service.
Article
A majority of RFID authentication scenarios involve a single tag that is identified independent of other tags in the field of the reader. However, there are situations that necessitate simultaneous authentication of multiple tags as well as the verification of their simultaneous physical proximity to the reader. Juels (2004) introduced yoking proof for simultaneous authentication of multiple RFID tags. Several researchers have since then developed variants of yoking proof using both symmetric and asymmetric cryptography. Given that the ambient conditions are bound to be very similar for all objects that are in close physical proximity to one another, we critically evaluate the use of various relevant ambient conditions for this purpose. Based on our evaluation, we choose to use tag temperature and develop a variant of yoking proof protocol for simultaneous authentication of multiple tags.