Memory and machine attributes-based profiling and elliptic curve cryptography-based multi-level authentication for the security of Internet of Things

2017 ◽  
Vol 10 (2) ◽  
pp. 241-256 ◽  
Author(s):  
Vivek V. Jog ◽  
Senthil Murugan T.
Keyword(s):  
Internet Of Things ◽  
Elliptic Curve ◽  
Elliptic Curve Cryptography ◽  
Rapid Development ◽  
Impersonation Attack ◽  
Content Type ◽  
Password Guessing Attack ◽  
Security Challenges ◽  
Multi Level ◽  
Active Attacks

Purpose Due to the connectivity of the multiple devices and the systems on the same network, rapid development has become possible in Internet of Things (IoTs) for the last decade. But, IoT is mostly affected with severe security challenges due to the potential vulnerabilities happened through the multiple connectivity of sensors, devices and system. In order to handle the security challenges, literature presents a handful of security protocols for IoT. The purpose of this paper is to present a threat profiling and elliptic curve cryptography (ECC)-based mutual and multi-level authentication for the security of IoTs. This work contains two security attributes like memory and machine-related attributes for maintaining the profile table. Also, the profile table stores the value after encrypting the value with ECC to avoid storage resilience using the proposed protocol. Furthermore, three entities like, IoT device, server and authorization centre (AC) performs the verification based on seven levels mutually to provide the resilience against most of the widely accepted attacks. Finally, DPWSim is utilized for simulation of IoT and verification of proposed protocol to show that the protocol is secure against passive and active attacks. Design/methodology/approach In this work, the authors have presented a threat profiling and ECC-based mutual and multi-level authentication for the security of IoTs. This work contains two security attributes like memory and machine-related attributes for maintaining the profile table. Also, the profile table stores the value after encrypting the value with ECC to avoid storage resilience using the proposed protocol. Furthermore, three entities like, IoT device, server and AC performs the verification based on seven levels mutually to provide the resilience against most of the widely accepted attacks. Findings DPWSim is utilized for simulation of IoT and verification of the proposed protocol to show that this protocol is secure against passive and active attacks. Also, attack analysis is carried out to prove the robustness of the proposed protocol against the password guessing attack, impersonation attack, server spoofing attack, stolen verifier attack and reply attack. Originality/value This paper presents a threat profiling and ECC-based mutual and multi-level authentication for the security of IoTs.

scholarly journals MEKDA: Multi-Level ECC based Key Distribution and Authentication in Internet of Things

2021 ◽  
Vol 13 (6) ◽  
pp. 19-39
Author(s):  
Padmashree M G ◽  
Mallikarjun J P ◽  
Arunalatha J S ◽  
Venugopal K R
Keyword(s):  
Internet Of Things ◽  
Elliptic Curve ◽  
Elliptic Curve Cryptography ◽  
Data Communication ◽  
Key Distribution ◽  
Human Interaction ◽  
Security Measures ◽  
Security Challenges ◽  
Multi Level ◽  
Iot Devices

The Internet of Things (IoT) is an extensive system of networks and connected devices with minimal human interaction and swift growth. The constraints of the System and limitations of Devices pose several challenges, including security; hence billions of devices must protect from attacks and compromises. The resource-constrained nature of IoT devices amplifies security challenges. Thus standard data communication and security measures are inefficient in the IoT environment. The ubiquity of IoT devices and their deployment in sensitive applications increase the vulnerability of any security breaches to risk lives. Hence, IoT-related security challenges are of great concern. Authentication is the solution to the vulnerability of a malicious device in the IoT environment. The proposed Multi-level Elliptic Curve Cryptography based Key Distribution and Authentication in IoT enhances the security by Multi-level Authentication when the devices enter or exit the Cluster in an IoT system. The decreased Computation Time and Energy Consumption by generating and distributing Keys using Elliptic Curve Cryptography extends the availability of the IoT devices. The Performance analysis shows the improvement over the Fast Authentication and Data Transfer method.

scholarly journals A Multi-Server Two-Factor Authentication Scheme with Un-Traceability Using Elliptic Curve Cryptography

Sensors ◽  
2018 ◽  
Vol 18 (7) ◽  
pp. 2394 ◽  
Author(s):  
Guosheng Xu ◽  
Shuming Qiu ◽  
Haseeb Ahmad ◽  
Guoai Xu ◽  
Yanhui Guo ◽  
...  
Keyword(s):  
Elliptic Curve ◽  
Elliptic Curve Cryptography ◽  
Secure Communication ◽  
Vital Role ◽  
Authentication Scheme ◽  
Impersonation Attack ◽  
Password Guessing Attack ◽  
Perfect Forward Secrecy ◽  
Guessing Attack ◽  
Multi Server

To provide secure communication, the authentication-and-key-agreement scheme plays a vital role in multi-server environments, Internet of Things (IoT), wireless sensor networks (WSNs), etc. This scheme enables users and servers to negotiate for a common session initiation key. Our proposal first analyzes Amin et al.’s authentication scheme based on RSA and proves that it cannot provide perfect forward secrecy and user un-traceability, and is susceptible to offline password guessing attack and key-compromise user impersonation attack. Secondly, we provide that Srinivas et al.’s multi-server authentication scheme is not secured against offline password guessing attack and key-compromise user impersonation attack, and is unable to ensure user un-traceability. To remedy such limitations and improve computational efficiency, we present a multi-server two-factor authentication scheme using elliptic curve cryptography (ECC). Subsequently, employing heuristic analysis and Burrows–Abadi–Needham logic (BAN-Logic) proof, it is proven that the presented scheme provides security against all known attacks, and in particular provides user un-traceability and perfect forward security. Finally, appropriate comparisons with prevalent works demonstrate the robustness and feasibility of the presented solution in multi-server environments.

scholarly journals An Optimal Multilevel Encryption Technique for Securing the Data Transmission in IoT

2020 ◽  
Vol 9 (3) ◽  
pp. 1239-1242
Keyword(s):  
Internet Of Things ◽  
Elliptic Curve ◽  
Data Transmission ◽  
Data Security ◽  
Elliptic Curve Cryptography ◽  
Daily Life ◽  
Secret Message ◽  
Critical Component ◽  
Iot Applications ◽  
Iot Devices

Internet of Things(IoT) is playing a pivotal role in our daily life as well as in various fields like Health, agriculture, industries etc. In the go, the data in the various IoT applications will be easily available to the physical dominion and thus the process of ensuringthe security of the data will be a major concern. For the extensive implementation of the numerous applications of IoT , the data security is a critical component. In our work, we have developed an encryption technique to secure the data of IoT. With the help of Merkle-Hellman encryption the data collected from the various IoT devices are first of all encrypted and then the secret message is generated with the help of Elliptic Curve Cryptography.

Choosing a Suitable Public Cryptosystem for Internet of Things

2020 ◽  
Vol 17 (1) ◽  
pp. 402-408
Author(s):  
Soram Ranbir Singh ◽  
Khan Kumar Ajoy
Keyword(s):  
Sensor Networks ◽  
Internet Of Things ◽  
Elliptic Curve ◽  
Elliptic Curve Cryptography ◽  
Key Management ◽  
Security And Privacy ◽  
European Symposium ◽  
The Internet ◽  
Management Scheme ◽  
In The Wild

The Internet of Things (IoT) has ushered in numerous devices in many areas in our life and in industries. It could comprise devices with sensors to gather and broadcast data over the internet. As the devices are IP-based and the media are shared, any user in the network can have an access to the communication contents. The only way to impose access control in the sensor networks is through cryptography. A key is applied to encrypt the communication to prevent from unauthorized access to the network. Choosing a suitable key management scheme is very important in sensor networks as it should satisfy the constraints of the sensors. There are two indispensable public cryptosystems available in the literatures-RSA and Elliptic curve cryptography (ECC). ECC gives strong resistance to cryptanalytic attacks. So, it is used with smaller key sizes than RSA (Valenta, L., et al., 2018. In Search of CurveSwap: Measuring Elliptic Curve Implementations in the Wild. 2018 IEEE European Symposium on Security and Privacy (EuroS&P), April; IEEE. pp.384–398). The most prettiness of using elliptic curve cryptography over other cryptosystems (i.e., RSA) is that it provides same security strength for a lesser key without breaching the system, thereby consuming less resources and ameliorating performances and fast data throughput of the devices. To choose a suitable public cryptosystem for use in IoT devices like sensor networks, elliptic curve cryptography and RSA are comparatively analyzed in this paper.

scholarly journals Mitigation of Spoofing Attacks on IOT Home Networks

2019 ◽  
Vol 9 (1S) ◽  
pp. 240-245
Keyword(s):  
Internet Of Things ◽  
Elliptic Curve ◽  
Everyday Life ◽  
Elliptic Curve Cryptography ◽  
Home Networks ◽  
Computational Power ◽  
Authentication Mechanism ◽  
Storage Area ◽  
Iot Devices ◽  
And Storage

internet of things is now everywhere and even if people are aware of it or not, it is part of our everyday life. For something that is so much in pace with our life, iot collects a lot of information about our day today life, which in case of a data leak or hijacking could lead to catastrophic effects in the society. Still iot devices are not manufactured keeping in mind the security factor. This paper dives into the problem of spoofing attacks dealt by iot devices and comes up with an authentication mechanism, which uses variants of elliptic curve cryptography to protect against such said attacks without exhausting the devices in case of computational power and storage area. The experimentation clearly revealed the strength of the scheme to mitigate spoofing attacks on the iot home networks.

scholarly journals An Anonymous and Efficient ECC-Based Authentication Scheme for SIP

2020 ◽  
Vol 2020 ◽  
pp. 1-11
Author(s):  
Yousheng Zhou ◽  
Xinyun Chen
Keyword(s):  
Performance Analysis ◽  
Elliptic Curve ◽  
Elliptic Curve Cryptography ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Impersonation Attack ◽  
Authentication Schemes ◽  
And Performance ◽  
Secure Authentication ◽  
Key Compromise Impersonation

Session initiation protocol (SIP), a widely used signal protocol for controlling multimedia communication sessions, is under numerous attacks when performing the authentication steps between the user and server. So secure authentication schemes are needed to be presented for SIP. Recently, Arshad et al. advanced novel schemes for SIP using elliptic curve cryptography (ECC) and claimed their schemes can resist various attacks. However, Lu et al. found that Arshad et al.’s scheme cannot resist trace and key-compromise impersonation attacks; hence, it cannot provide proper mutual authentication. Meanwhile, an enhanced scheme was advanced by Lu et al. and they stated that their scheme can stand up to possible known attacks. Nevertheless, in this paper, we conclude that Arshad and Nikooghadam’s scheme is insecure against impersonation attack and Lu et al.’s scheme is still vulnerable to impersonation attack. To overcome these weaknesses of their schemes, we present a novel anonymous ECC-based scheme for SIP. Security analysis and performance analysis show that our proposed scheme can resist various known attacks and efficient in the meantime.

Sign in / Sign up

Export Citation Format

Share Document