A double PUF-based RFID identity authentication protocol in service-centric internet of things environments

Internet of Things is one of the most important components of modern technological systems. It allows the real time synchronization and connectivity of devices with each other and with the rest of the world. The radio frequency identification system is used as node identification mechanism in the Internet of Thing networks. Since Internet of Things involve wireless channel for communication that is open for all types of malicious adversaries, therefore many security protocols have been proposed to ensure encryption over wireless channel. To reduce the overall cost of radio frequency identification enabled Internet of Thing network security, the researchers use simple bitwise logical operations such as XOR, AND, OR, and Rot and have proposed many ultralightweight mutual authentication protocols. However, almost all the previously proposed protocols were later found to be vulnerable against several attack models. Recently, a new ultralightweight mutual authentication protocol has been proposed which involves only XOR and Rotation functions in its design and claimed to be robust against all possible attack models. In this article, we have performed cryptanalysis of this recently proposed ultralightweight mutual authentication protocol and found many pitfalls and vulnerabilities in the protocol design. We have exploited weak structure of the protocol messages and proposed three attacks against the said protocol: one desynchronization and two full disclosure attacks.

Download Full-text

COMPARATIVE ANALYSIS OF INTERNET OF THINGS LIGHTWEIGHT AUTHENTICATION PROTOCOL DESIGN SCHEMES

International Journal of Advanced Research in Computer Science ◽

10.26483/ijarcs.v8i7.4050 ◽

2017 ◽

Vol 8 (7) ◽

pp. 110-114

Author(s):

S.B. Thorat ◽

Keyword(s):

Comparative Analysis ◽

Internet Of Things ◽

Authentication Protocol ◽

Protocol Design ◽

Lightweight Authentication

Download Full-text

Privacy Enhancement on Unilateral Bluetooth Authentication Protocol for Mobile Crowdsensing

Security and Communication Networks ◽

10.1155/2021/5598574 ◽

2021 ◽

Vol 2021 ◽

pp. 1-12

Author(s):

Da-Zhi Sun ◽

Ji-Dong Zhong

Keyword(s):

Internet Of Things ◽

Radio Frequency ◽

Short Range ◽

Authentication Protocol ◽

Privacy Concerns ◽

Mobile Crowdsensing ◽

Privacy Model ◽

Open Standard

As an open standard for the short-range radio frequency communications, Bluetooth is suitable for Mobile Crowdsensing Systems (MCS). However, the massive deployment of personal Bluetooth-enabled devices also raises privacy concerns on their wielders. Hence, we investigate the privacy of the unilateral authentication protocol according to the recent Bluetooth standard v5.2. The contributions of the paper are twofold. (1) We demonstrate that the unilateral authentication protocol suffers from privacy weakness. That is, the attacker is able to identify the target Bluetooth-enabled device once he observed the device’s previous transmitted messages during the protocol run. More importantly, we analyze the privacy threat of the Bluetooth MCS, when the attacker exploits the proposed privacy weakness under the typical Internet of Things (IoT) scenarios. (2) An improved unilateral authentication protocol is therefore devised to repair the weakness. Under our formal privacy model, the improved protocol provably solves the traceability problem of the original protocol in the Bluetooth standard. Additionally, the improved protocol can be easily adapted to the Bluetooth standards because it merely employs the basic cryptographic components available in the standard specifications. In addition, we also suggest and evaluate two countermeasures, which do not need to modify the original protocol.

Download Full-text

An enhanced one-bit identity authentication protocol for access control in IEEE 802.11

IEEE Military Communications Conference, 2003. MILCOM 2003. ◽

10.1109/milcom.2003.1290221 ◽

2004 ◽

Cited By ~ 1

Author(s):

Haoli Wang ◽

A. Velayutham

Keyword(s):

Access Control ◽

Ieee 802.11 ◽

Authentication Protocol ◽

Identity Authentication

Download Full-text

Lightweight Authentication Protocol for M2M Communications of Resource-Constrained Devices in Industrial Internet of Things

Sensors ◽

10.3390/s20020501 ◽

2020 ◽

Vol 20 (2) ◽

pp. 501 ◽

Cited By ~ 6

Author(s):

Evangelina Lara ◽

Leocundo Aguilar ◽

Mauricio A. Sanchez ◽

Jesús A. García

Keyword(s):

Internet Of Things ◽

Failure Detection ◽

Authentication Protocol ◽

Internet Security ◽

Industrial Internet Of Things ◽

Resource Constrained ◽

Machine Failure ◽

Industrial Internet ◽

Resource Constrained Devices ◽

Constrained Devices

The Industrial Internet of Things (IIoT) consists of sensors, networks, and services to connect and control production systems. Its benefits include supply chain monitoring and machine failure detection. However, it has many vulnerabilities, such as industrial espionage and sabotage. Furthermore, many IIoT devices are resource-constrained, which impedes the use of traditional security services for them. Authentication allows devices to be confident of each other’s identity, preventing some security attacks. Many authentication protocols have been proposed for IIoT; however, they have high computing requirements not viable to resource-constrained devices, or they have been found insecure. In this paper, an authentication protocol for resource-constrained IIoT devices is proposed. It is based on the lightweight operations xor, addition, and subtraction, and a hash function. Also, only four messages are exchanged between the principals to authenticate. It has a low execution-time and communication-cost. Its security was successfully assessed with the formal methods Automated Validation of Internet Security Protocols and Applications (AVISPA) tool and Burrows–Abadi–Needham (BAN) logic, together with an informal analysis of its resistance to known attacks. Its performance and security were compared with state-of-the-art protocols, resulting in a good performance for resource-constrained IIoT devices, and higher security similar to computational expensive schemes.

Download Full-text

Quantum identity authentication protocol based on three-photon quantum error avoidance code in edge computing

Transactions on Emerging Telecommunications Technologies ◽

10.1002/ett.3945 ◽

2020 ◽

pp. e3945

Author(s):

Zhiguo Qu ◽

Xinzhu Liu ◽

Shengyao Wu

Keyword(s):

Authentication Protocol ◽

Identity Authentication ◽

Edge Computing ◽

Quantum Identity Authentication ◽

Quantum Error ◽

Error Avoidance

Download Full-text

Attribute-Based Authentication Protocol of the Internet of Things

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.765-767.1726 ◽

2013 ◽

Vol 765-767 ◽

pp. 1726-1729

Author(s):

Yan Bing Liu ◽

Wen Jing Ren

Keyword(s):

Internet Of Things ◽

Authentication Protocol ◽

Security And Privacy ◽

The Internet ◽

Security Level ◽

The Public ◽

The Core ◽

Attribute Based Encryption ◽

Identity Based ◽

The Internet Of Things

Security and privacy is always the most important issues by the public in the Internet of Things. The core problems are associated with the diversifying of the Internet towards an Internet of things, and the different requirements to the security level for application. Therefore, this paper is to put forward an authentication model and protocol to cope with the problem. The protocol is adopted with attribute-based encryption to replace the traditional identity-based encryption (IBE), and then make formalization analysis to the security of the protocol by using BAN logic.

Download Full-text

Authentication Protocol for Securing Internet of Things

Proceedings of the Fourth International Conference on Engineering & MIS 2018 - ICEMIS '18 ◽

10.1145/3234698.3234727 ◽

2018 ◽

Cited By ~ 1

Author(s):

Ahmed Maarof ◽

Mohamed Senhadji ◽

Zouheir Labbi ◽

Mostafa Belkasmi

Keyword(s):

Internet Of Things ◽

Authentication Protocol

Download Full-text

Multi-Point Collaborative Authentication Method Based on User Image Intelligent Collection in the Internet of Things

Electronics ◽

10.3390/electronics8090978 ◽

2019 ◽

Vol 8 (9) ◽

pp. 978 ◽

Cited By ~ 1

Author(s):

Yunfa Li ◽

Yifei Tu ◽

Jiawa Lu

Keyword(s):

Internet Of Things ◽

Security Analysis ◽

Identity Authentication ◽

The Internet ◽

Local Domain ◽

Security Issues ◽

Single Identity ◽

Sensor Information ◽

Increasing Demand ◽

The Internet Of Things

With the increasing demand for intelligent services of the Internet of Things (IoT), its security issues have attracted widespread attention recently. Since most of the existing identity authentication policies are based on a single authentication mode, they are highly likely to cause problems such as illegal operation and stealing of sensor information. In order to meet the needs of increasing IoT users for the security management of intelligent services, a multi-point collaborative authentication method based on user image intelligent collection for the security problems faced by IoT in identity authentication is proposed in the paper. This method firstly collects the identity of the legal user through the intelligent collection technology and then realizes the identity authentication of the unidentified user through the collaborative authentication between the local domain management machine, the back-end image management machine, and the cloud server. Compared with the traditional single identity authentication method, our method uses three-party collaborative authentication to avoid the problem of sensor information stealing easily caused by a single authentication method, which makes the user’s identity authentication more secure and effective. The security analysis shows that the method is able to resist multiple attacks and prevent the sensor information from being illegally operated and stolen, protecting the security of the sensor information.

Download Full-text