scholarly journals Demystifying Security of LoRaWAN v1.1

2018 ◽  
Author(s):  
Ismail Butun ◽  
Nuno Pereira ◽  
Mikael Gidlund
Keyword(s):  
Internet Of Things ◽  
Risk Analysis ◽  
Security Analysis ◽  
The Internet ◽  
Security Risk ◽  
Replay Attacks ◽  
Safety Operation ◽  
The Internet Of Things

LoRa and its upper layers definition LoRaWAN is one of the most promising LPWAN technologies for implementing the Internet of Things (IoT). Although being a popular technology, several works in the literature have revealed various weaknesses regarding the security of LoRaWAN v1.0 (the official 1st draft). By using all these recommendations from the academia and industry, the LoRa-Alliance has worked on the v1.0 to develop an enhanced version and provide more secure and trustable architecture. The result of these efforts ended-up with LoRaWAN v1.1, which was released on Oct 11, 2017. This manuscript aims at demystifying the security aspects and provide a comprehensive Security Risk Analysis related to latest version of LoRaWAN. Besides, it provides several remedies to the recognized vulnerabilities. To the best of authors’ knowledge, this work is one of its first kind by providing a detailed security analysis related to latest version of LoRaWAN. According to our analysis, end-device physical capture, rogue gateway and replay attacks are found to be threating for safety operation of the network. Eventually, v1.1 of LoRaWAN is found to be less vulnerable to attacks compared to v1.0, yet possesses several security implications that need to be addressed and fixed for the upcoming releases.

scholarly journals rTLS: Secure and Efficient TLS Session Resumption for the Internet of Things

Sensors ◽  
2021 ◽  
Vol 21 (19) ◽  
pp. 6524
Author(s):  
Koen Tange ◽  
Sebastian Mödersheim ◽  
Apostolos Lalos ◽  
Xenofon Fafoutis ◽  
Nicola Dragoni
Keyword(s):  
Internet Of Things ◽  
Task Force ◽  
Security Analysis ◽  
Security Protocol ◽  
Transport Layer ◽  
The Internet ◽  
Replay Attacks ◽  
Iot Devices ◽  
Bandwidth Overhead ◽  
The Internet Of Things

In recent years, the Transport Layer Security (TLS) protocol has enjoyed rapid growth as a security protocol for the Internet of Things (IoT). In its newest iteration, TLS 1.3, the Internet Engineering Task Force (IETF) has standardized a zero round-trip time (0-RTT) session resumption sub-protocol, allowing clients to already transmit application data in their first message to the server, provided they have shared session resumption details in a previous handshake. Since it is common for IoT devices to transmit periodic messages to a server, this 0-RTT protocol can help in reducing bandwidth overhead. Unfortunately, the sub-protocol has been designed for the Web and is susceptible to replay attacks. In our previous work, we adapted the 0-RTT protocol to strengthen it against replay attacks, while also reducing bandwidth overhead, thus making it more suitable for IoT applications. However, we did not include a formal security analysis of the protocol. In this work, we address this and provide a formal security analysis using OFMC. Further, we have included more accurate estimates on its performance, as well as making minor adjustments to the protocol itself to reduce implementation ambiguity and improve resilience.

ASSESSMENT OF RISK OF SAFETY IN NETWORKS OF THE INTERNET OF THINGS

2020 ◽  
pp. 561-566
Author(s):  
Андрей Александрович Болгов ◽  
Сергей Александрович Ермаков ◽  
Лариса Владимировна Паринова ◽  
Николай Ильич Баранников ◽  
Владимир Павлович Лось ◽  
...  
Keyword(s):  
Internet Of Things ◽  
Risk Analysis ◽  
Probabilistic Models ◽  
The Internet ◽  
Response Characteristics ◽  
Common Problems ◽  
Traditional Approaches ◽  
The Internet Of Things

В статье предлагаются результаты анализа возможности применения традиционных подходов к анализу рисков в сетях Интернета вещей с учетом особенностей архитектуры построения и динамики их развития. До настоящего времени было предложено множество методов для решения таких проблем с использованием вероятностных моделей. Но несмотря на то, что они позволяют решить большинство задач, они все же могут вызывать некоторые проблемы при оценке рисков и анализе полученных результатов. Наиболее распространенные проблемы связаны со сложностью ранжирования и объективностью оценки вероятности нанесения ущерба и величины этого ущерба. По итогу к заключению статьи приводятся аргументы в пользу альтернативных методологий анализа рисков, адекватно учитывающих динамические характеристики технологии при сохранении преимуществ существующих подходов к оценке. In this article results of the analysis of possibility of application of traditional approaches to risk analysis in networks of the Internet of things taking into account features of architecture of creation and dynamics of their development are offered. So far, many methods have been proposed to solve such problems using probabilistic models. However, although they can solve most problems, they can still cause some problems when assessing risks and analyzing the results. The most common problems are related to the complexity of ranking and the objectivity of assessing the probability of damage and the magnitude of this damage. As a result, the article concludes with arguments in favor of the alternative methodologies of risk analysis which are adequately considering response characteristics of technology when saving advantages of the existing approaches to assessment are adduced.

Encryption Principles and Techniques for the Internet of Things

2019 ◽  
pp. 42-66
Author(s):  
Kundankumar Rameshwar Saraf ◽  
Malathi P. Jesudason
Keyword(s):  
Internet Of Things ◽  
Embedded System ◽  
Security Analysis ◽  
Block Size ◽  
The Internet ◽  
Lightweight Cryptography ◽  
Execution Speed ◽  
Security Algorithm ◽  
Iot Devices ◽  
The Internet Of Things

This chapter explores the encryption techniques used for the internet of things (IoT). The security algorithm used for IoT should follow many constraints of an embedded system. Hence, lightweight cryptography is an optimum security solution for IoT devices. This chapter mainly describes the need for security in IoT, the concept of lightweight cryptography, and various cryptographic algorithms along with their shortcomings given IoT. This chapter also describes the principle of operation of all the above algorithms along with their security analysis. Moreover, based on the algorithm size (i.e., the required number of gate equivalent, block size, key size, throughput, and execution speed of the algorithm), the chapter reports the comparative analysis of their performance. The chapter discusses the merits and demerits of these algorithms along with their use in the IoT system.

Internet of Things (IOT) in Healthcare – Smart Health and Surveillance, Architectures, Security Analysis and Data Transfer

2019 ◽  
Vol 7 (2) ◽  
pp. 21-40 ◽  
Author(s):  
Parthasarathy Panchatcharam ◽  
Vivekanandan S.
Keyword(s):  
Health Care ◽  
Internet Of Things ◽  
Data Transfer ◽  
Security Analysis ◽  
Healthcare Services ◽  
The Internet ◽  
Quality Health Care ◽  
Smart Healthcare ◽  
Smart Health ◽  
The Internet Of Things

Wellbeing is fundament requirement. What's more, it is human appropriate to get quality health care. These days, India is confronting numerous medical problems in light of fewer assets. This survey article displays the idea of solving health issues by utilizing a recent innovation, the Internet of Things (IOT). The Internet of Things with their developing interdisciplinary applications has changed our lives. Smart health care being one such IoT application interfaces brilliant gadgets, machines, patients, specialists, and sensors to the web. At long last, the difficulties and prospects of the improvement of IoT-based medicinal service frameworks are talked about in detail. This review additionally summarizes the security and protection worries of IoT, administrations and application of IoT and smart healthcare services that have changed the customary medicinal services framework by making healthcare administration more proficient through their applications.

scholarly journals Multi-Point Collaborative Authentication Method Based on User Image Intelligent Collection in the Internet of Things

Electronics ◽  
2019 ◽  
Vol 8 (9) ◽  
pp. 978 ◽  
Author(s):  
Yunfa Li ◽  
Yifei Tu ◽  
Jiawa Lu
Keyword(s):  
Internet Of Things ◽  
Security Analysis ◽  
Identity Authentication ◽  
The Internet ◽  
Local Domain ◽  
Security Issues ◽  
Single Identity ◽  
Sensor Information ◽  
Increasing Demand ◽  
The Internet Of Things

With the increasing demand for intelligent services of the Internet of Things (IoT), its security issues have attracted widespread attention recently. Since most of the existing identity authentication policies are based on a single authentication mode, they are highly likely to cause problems such as illegal operation and stealing of sensor information. In order to meet the needs of increasing IoT users for the security management of intelligent services, a multi-point collaborative authentication method based on user image intelligent collection for the security problems faced by IoT in identity authentication is proposed in the paper. This method firstly collects the identity of the legal user through the intelligent collection technology and then realizes the identity authentication of the unidentified user through the collaborative authentication between the local domain management machine, the back-end image management machine, and the cloud server. Compared with the traditional single identity authentication method, our method uses three-party collaborative authentication to avoid the problem of sensor information stealing easily caused by a single authentication method, which makes the user’s identity authentication more secure and effective. The security analysis shows that the method is able to resist multiple attacks and prevent the sensor information from being illegally operated and stolen, protecting the security of the sensor information.

Sign in / Sign up

Export Citation Format

Share Document