scholarly journals Security and Privacy for Edge-Assisted Internet of Things Security Proof for the SKKE Protocol

2021 ◽  
Vol 2021 ◽  
pp. 1-14
Author(s):  
Xiangyang Wang ◽  
Chunxiang Gu ◽  
Fushan Wei ◽  
Siqi Lu
Keyword(s):  
Internet Of Things ◽  
Key Agreement ◽  
High Reliability ◽  
Random Oracle ◽  
Security Protocol ◽  
Security And Privacy ◽  
Wide Range ◽  
Zigbee Protocol ◽  
Symmetric Key ◽  
Zigbee Standard

As an Internet of things (IoT) technology, the ZigBee has a wide range of applications in home automation, smart energy, commercial building automation, personal, home and hospital care, telecom, and wireless sensor. The ZigBee standard has the advantage of high reliability, which is based on the security of authentication key agreement protocol, namely, the SKKE protocol. In the ZigBee standard, this protocol based on shared symmetric-key is applied on the security protocol level. It is a full symmetric-key key agreement with key confirmation scheme, while the key confirmation mechanism is provided by a message authentication coding mechanism. In this paper, we consider the security of the SKKE protocol. In the random Oracle model, we reduce the security of the SKKE protocol to the collision of the hash function and the HMAC function and the indistinguishability between the output of the random Oracle and a random number. We also give a theoretical proof with the game-based method. To our knowledge, there is no research on the provable security of the ZigBee protocol at this stage, so it is helpful to promote further research of the ZigBee protocol security.

A WSN-Oriented Key Agreement Protocol in Internet of Things

2013 ◽  
Vol 401-403 ◽  
pp. 1792-1795 ◽  
Author(s):  
Tao Liu ◽  
Ya Wen Guan ◽  
Yi Qun Yan ◽  
Li Liu ◽  
Qi Chao Deng
Keyword(s):  
Internet Of Things ◽  
Trust Management ◽  
Key Agreement ◽  
Bilinear Pairing ◽  
Negotiation Process ◽  
Third Party ◽  
Security And Privacy ◽  
The Internet ◽  
Key Agreement Protocol ◽  
The Internet Of Things

Aimed to the security and privacy issues which restrict the construction and development of the Internet of Things, a WSN-oriented key agreement protocol in the Internet of Things ( IOT) has been proposed . Trust management was introduced the security mechanism of IOT, the use of bilinear pairing technology, the identity-based key agreement was realized. Using the protocol not only can effectively prevent attacks from outside the network and can recognize the abnormal nodes which were captured or lapsed efficacy. Thus it can reduce communication with abnormal nodes to improve network security, extending the lifetime of the network. The distributed self-organizing key negotiation process without credible third-party management can enhance the survivability of IOT, and the network has a good scalability.

scholarly journals An efficient anonymous authentication and key agreement scheme with privacy-preserving for smart cities

2021 ◽  
Vol 17 (6) ◽  
pp. 155014772110268
Author(s):  
Xueya Xia ◽  
Sai Ji ◽  
Pandi Vijayakumar ◽  
Jian Shen ◽  
Joel J. P. C. Rodrigues
Keyword(s):  
Internet Of Things ◽  
Privacy Preservation ◽  
Key Agreement ◽  
Smart Cities ◽  
Security Analysis ◽  
Security And Privacy ◽  
Experimental Simulation ◽  
Authentication And Key Agreement ◽  
Anonymous Authentication ◽  
Evaluation Mechanism

Internet of Things devices are responsible for collecting and transmitting data in smart cities, assisting smart cities to release greater potential. As Internet of Things devices are increasingly connected to smart cities, security and privacy have gradually become important issues. Recently, research works on mitigating security challenges of Internet of Things devices in smart cities mainly focused on authentication. However, in most of the existing authentication protocols, the trustworthiness evaluation of Internet of Things devices in smart cities is ignored. Considering the trustworthiness evaluation of Internet of Things devices is an important constituent of data source authentication, in this article, a cloud-aided trustworthiness evaluation mechanism is first designed to improve the credibility of the Internet of Things devices in smart cities. Furthermore, aiming at the problem that the user’s privacy is easy to leak in the process of authentication, an anonymous authentication and key agreement scheme based on non-interactive zero knowledge argument is proposed. The proposed scheme can ensure the privacy preservation and data security of Internet of Things devices in smart cities. The security analysis demonstrates that the proposed scheme is secure under q-SDH problem. The experimental simulation indicates that the performance of the proposal is greatly improved compared with other similar schemes.

scholarly journals RFID security protocols simulation and prototyping

2021 ◽  
Author(s):  
Xiaohui Yu
Keyword(s):  
Radio Frequency Identification ◽  
Security Protocol ◽  
Security And Privacy ◽  
Privacy And Security ◽  
Rfid Security ◽  
Security Issues ◽  
Frequency Identification ◽  
Symmetric Key ◽  
And Performance ◽  
Attack Models

As Radio Frequency Identification (RFID) technology achieves commercial success, its privacy and security issues are becoming a barrier to limit its potential for future start of the art applications. In this report, we present an investigation of the past and current research related to RFID security algorithms and protocols for product authentication. We also present a novel RFID security protocol based on eXtended Tiny Encryption Algorithm (XTEA). Analysis of the security and privacy level of our proposed protocol is performed using SystemC based modeling and different attack models are simulated to show that the protocol is robust and safe against application, protoypes of these attack models are implemented on FPGA platform. We also compare our proposed protocol technique with similar protocols presented in the near past that also use symmetric key algorithms to verify and demostrate main advantages of our protocol in terms of security and performance.

A Survey on Emerging Security Issues, Challenges, and Solutions for Internet of Things (IoTs)

2022 ◽  
pp. 148-175
Author(s):  
Anish Khan ◽  
Dragan Peraković
Keyword(s):  
Internet Of Things ◽  
Security And Privacy ◽  
Future Research ◽  
Security Issues ◽  
Digital World ◽  
Private Data ◽  
Wide Range ◽  
Future Research Directions ◽  
Iot Devices ◽  
Privacy Issues

The internet of things is a cutting-edge technology that is vulnerable to all sorts of fictitious solutions. As a new phase of computing emerges in the digital world, it intends to produce a huge number of smart gadgets that can host a wide range of applications and operations. IoT gadgets are a perfect target for cyber assaults because of their wide dispersion, availability/accessibility, and top-notch computing power. Furthermore, as numerous IoT devices gather and investigate private data, they become a gold mine for hostile actors. Hence, the matter of fact is that security, particularly the potential to diagnose compromised nodes, as well as the collection and preservation of testimony of an attack or illegal activity, have become top priorities. This chapter delves into the timeline and the most challenging security and privacy issues that exist in the present scenario. In addition to this, some open issues and future research directions are also discussed.

scholarly journals An Efficient Authentication and Key Agreement Protocol  for IoT-Enabled Devices in Distributed Cloud Computing Architecture

2020 ◽  
Author(s):  
Huihui Huang ◽  
Siqi Lu ◽  
Zehui Wu ◽  
Qiang Wei
Keyword(s):  
Cloud Computing ◽  
Key Agreement ◽  
Smart Cities ◽  
Security Protocol ◽  
Security And Privacy ◽  
Computing Architecture ◽  
Authentication And Key Agreement ◽  
Key Agreement Protocol ◽  
Use Of Internet ◽  
Distributed Cloud

Abstract With the widespread use of Internet of Things and cloud computing in smart cities, various security and privacy challenges may be encountered. The most basic problem is authentication between each application. Recently, in order to prevent counterfeiting attacks in the protocol of Amin et al.(2018), Kang et al. improved an authentication protocol for IoT-Enabled devices in a distributed cloud computing environment (2020). However, We found that the Kang et al.'s protocol still has a fatal vulnerability, that is, it is attacked by offline password guessing, and malicious users can easily obtain the master key of the control server. In this article, we extend their work to design a lightweight pseudonym identity based authentication and key agreement protocol using smart card. For illustrating the security of our protocol, we used the security protocol analysis tools of AVISPA and Scyther to prove that the protocol can defend against various existing attacks. We will further analyze the interaction between participants authentication path to ensure security protection from simulated attacks detailedly. In addition, based on the comparison of security functions and computing performance, our protocol is superior to the other two related protocols. As a result, the enhanced protocol will be efficient and secure in distributed cloud computing architecture for smart city.

scholarly journals Cost-Effective Proxy Signcryption Scheme for Internet of Things

2021 ◽  
Vol 2021 ◽  
pp. 1-10
Author(s):  
Insaf Ullah ◽  
Ali Alkhalifah ◽  
Muhammad Asghar Khan ◽  
Samih M. Mostafa
Keyword(s):  
Internet Of Things ◽  
High Speed ◽  
Random Oracle Model ◽  
Internet Security ◽  
Security And Privacy ◽  
The Internet ◽  
Resource Constrained ◽  
Sensors And Actuators ◽  
Wide Range ◽  
Iot Devices

The Internet of things (IoT) has emerged into a revolutionary technology that enables a wide range of features and applications given the proliferation of sensors and actuators embedded in everyday objects, as well as the ubiquitous availability of high-speed Internet. When nearly everything is connected to the Internet, security and privacy concerns will become more significant. Furthermore, owing to the resource-constrained nature of IoT devices, they are unable to perform standard cryptographic computations. As a result, there is a critical need for efficient and secure lightweight cryptographic scheme that can meet the demands of resource-constrained IoT devices. In this study, we propose a lightweight proxy in which a person/party can delegate its signing authority to a proxy agent. Existing proxy signcryption security approaches are computationally costly and rely on RSA, bilinear pairing, and elliptic curves cryptography (ECC). The hyperelliptic curve cryptosystem (HECC), on the other hand, employs a smaller key size while maintaining the same level of security. When assessed using the random oracle model (ROM), the proposed scheme provides resilience against indistinguishable under adaptive chosen ciphertext attacks (IND-CCA) and unforgeable under adaptive chosen message attacks (UU-ACMA). To demonstrate the viability of the proposed scheme, security analyses and comparisons with existing schemes are performed. The findings show that the proposed scheme provides high security while reducing computational and communication costs.

scholarly journals Privacy-Preserving Machine Authenticated Key Agreement for Internet of Things

2021 ◽  
Vol 13 (2) ◽  
pp. 99-120
Author(s):  
Beaton Kapito ◽  
Mwawi Nyirenda ◽  
Hyunsung Kim
Keyword(s):  
Internet Of Things ◽  
Key Agreement ◽  
Security Analysis ◽  
Physical World ◽  
Privacy Preserving ◽  
Security And Privacy ◽  
Research Gaps ◽  
Authenticated Key Agreement ◽  
Privacy And Security ◽  
Active Attacks

Internet of things (IoT) is the integration of computer-based systems and the physical world in which things interact with each other. Due to heterogeneity and resource-constrained feature of IoT devices, there are many privacy and security challenges resulting in many threat vulnerabilities in IoT environments. After reviewing and analyzing the recent IoT security, privacy, and authentication protocols, we will withdraw research gaps focused on the elimination of human factors in IoT authentication. In order to fill these research gaps, this paper proposes a privacy-preserving machine authenticated key agreement based on IoT, denoted as IoTMAKA. IoTMAKA uses dynamic identity and machine fingerprint to provide security and privacy. Security analysis shows that IoTMAKA provides anonymity and untraceability, provides freshness, and is secure against passive and active attacks. IoTMAKA reduces communication overheads by 20% and computational overheads by 25% on average as compared to the previous related works.

scholarly journals An Examination of Security and Privacy Challenges in Internet of Things

2020 ◽  
Vol 8 (4S) ◽  
pp. 1-5
Keyword(s):  
Internet Of Things ◽  
Cyber Security ◽  
Security And Privacy ◽  
The Internet ◽  
Security Threats ◽  
Large Network ◽  
Iot Security ◽  
Security Issues ◽  
Wide Range ◽  
The Internet Of Things

The Internet of Things (IoT) has been growing to market from the past several years with great potential. Many several devices have been now available in the market based on IoT, which enables it to connect with your smart phones or with any other kind of smart resources, and then that device is ready to perform smart work via the Internet. With the help of IoT, we are now able to make our devices connect with the internet and then can be operated from anywhere from the geo location as well as it can store and retrieve a large amount of data for better communication between the end-user and the device. IoT also has a wide range of applications that are being used on many platforms. However, this great technology also has to face many problems and among all the problems the main issue arises with its security aspects. The major concern on using IoT security is the hacker wants to enter into the large network system using a particular device as all the devices are connected over the network. Not only this, many other security threats and malware are also a major concern in IoT. So taking these security aspects as a major concern this research paper reviews several security issues and challenges that occur in IoT. As there in every field when it comes to cyber security for any kind of data, we need to follow CIA Security Triangle i.e., Confidentiality, Integrity, and Availability of data. CIA security triangle is the most important concept in terms of security and also must be taken into consideration in the IoT domain. Therefore, considering all these facts and reviewing some of the latest documents as well as researches in the field of IoT, this paper has been based on all the facts related to IoT security issues and its desirable solution which is needed to be done and should follow the security triangle to an extent.

scholarly journals RFID security protocols simulation and prototyping

2021 ◽  
Author(s):  
Xiaohui Yu
Keyword(s):  
Radio Frequency Identification ◽  
Security Protocol ◽  
Security And Privacy ◽  
Privacy And Security ◽  
Rfid Security ◽  
Security Issues ◽  
Frequency Identification ◽  
Symmetric Key ◽  
And Performance ◽  
Attack Models

As Radio Frequency Identification (RFID) technology achieves commercial success, its privacy and security issues are becoming a barrier to limit its potential for future start of the art applications. In this report, we present an investigation of the past and current research related to RFID security algorithms and protocols for product authentication. We also present a novel RFID security protocol based on eXtended Tiny Encryption Algorithm (XTEA). Analysis of the security and privacy level of our proposed protocol is performed using SystemC based modeling and different attack models are simulated to show that the protocol is robust and safe against application, protoypes of these attack models are implemented on FPGA platform. We also compare our proposed protocol technique with similar protocols presented in the near past that also use symmetric key algorithms to verify and demostrate main advantages of our protocol in terms of security and performance.

scholarly journals An efficient authentication and key agreement protocol for IoT-enabled devices in distributed cloud computing architecture

2021 ◽  
Vol 2021 (1) ◽  
Author(s):  
Huihui Huang ◽  
Siqi Lu ◽  
Zehui Wu ◽  
Qiang Wei
Keyword(s):  
Cloud Computing ◽  
Key Agreement ◽  
Smart Cities ◽  
Security Protocol ◽  
Security And Privacy ◽  
Computing Architecture ◽  
Authentication And Key Agreement ◽  
Key Agreement Protocol ◽  
Iot Devices ◽  
Distributed Cloud

AbstractWith the widespread use of Internet of Things and cloud computing in smart cities, various security and privacy challenges may be encountered.The most basic problem is authentication between each application, such as participating users, IoT devices, distributed servers, authentication centers, etc. In 2020, Kang et al. improved an authentication protocol for IoT-Enabled devices in a distributed cloud computing environment and its main purpose was in order to prevent counterfeiting attacks in Amin et al.’ protocol, which was published in 2018. However, We found that the Kang et al.’s protocol still has a fatal vulnerability, that is, it is attacked by offline password guessing, and malicious users can easily obtain the master key of the control server. In this article, we extend their work to design a lightweight pseudonym identity based authentication and key agreement protocol using smart card. For illustrating the security of our protocol, we used the security protocol analysis tools of AVISPA and Scyther to prove that the protocol can defend against various existing attacks. We will further analyze the interaction between participants authentication path to ensure security protection from simulated attacks detailedly. In addition, based on the comparison of security functions and computing performance, our protocol is superior to the other two related protocols. As a result, the enhanced protocol will be efficient and secure in distributed cloud computing architecture for smart city.

Sign in / Sign up

Export Citation Format

Share Document