scholarly journals Secure and Efficient Authentication Scheme in IoT Environments

2021 ◽  
Vol 11 (3) ◽  
pp. 1260
Author(s):  
Abhijeet Thakare ◽  
Young-Gab Kim
Keyword(s):  
Response Time ◽  
Heavy Traffic ◽  
Security Analysis ◽  
Computation Time ◽  
Internet Security ◽  
Security Protocol ◽  
Storage Cost ◽  
Iot Devices ◽  
And Storage ◽  
Secure Architecture

Optimization of resource consumption and decreasing the response time of authentication requests is an immense urgent requirement for supporting the scalability of resources in IoT environments. The existing research attempts to design lightweight authentication protocols to address these issues. However, the schemes proposed in the literature are lacking in the creation of a lightweight (i.e., low computing, communication, and storage cost) and secure architecture. IoT devices in existing approaches consume high electricity and computing power, despite the fact that IoT devices have limited power and computing capabilities. Furthermore, the existing approaches lead to an increase in the burden on storage memory and also create heavy traffic on a communication channel, increasing the response time of device authentication requests. To overcome these limitations, we propose a novel lightweight and secure architecture that uses crypto-modules, which optimize the usage of one-way hash functions, elliptic-curve cryptography, and an exclusive-or operation. We demonstrate the proposed scheme’s security strength using informal security analysis and verified it by considering the widely used automated validation of internet security protocol application (AVISPA) and the ProVerif tool. The result shows that the proposed scheme is effective against active and passive security attacks and satisfies secure design. Moreover, we calculate the proposed scheme’s working cost by implementing it using a widely accepted standard pairing-based cryptography (PBC) library on embedded devices. The implementation proves that the proposed scheme is lightweight and reduces computation time by 0.933 ms, communication cost by 1408 bits, and storage cost by 384 bits, and removes the existing gaps.

scholarly journals Formal security analysis of lightweight authenticated key agreement protocol for IoT in cloud computing

2021 ◽  
Vol 24 (1) ◽  
pp. 621
Author(s):  
Ahmed H. Aly ◽  
Atef Ghalwash ◽  
Mona M. Nasr ◽  
Ahmed A. Abd-El Hafez
Keyword(s):  
Cloud Computing ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Internet Security ◽  
Cyber Attacks ◽  
Session Key ◽  
Sensitive Data ◽  
Processing Power ◽  
Iot Devices

The internet of things (IoT) and cloud computing are evolving technologies in the information technology field. Merging the pervasive IoT technology with cloud computing is an innovative solution for better analytics and decision-making. Deployed IoT devices offload different types of data to the cloud, while cloud computing converges the infrastructure, links up the servers, analyzes information obtained from the IoT devices, reinforces processing power, and offers huge storage capacity. However, this merging is prone to various cyber threats that affect the IoT-Cloud environment. Mutual authentication is considered as the forefront mechanism for cyber-attacks as the IoT-Cloud participants have to ensure the authenticity of each other and generate a session key for securing the exchanged traffic. While designing these mechanisms, the constrained nature of the IoT devices must be taken into consideration. We proposed a novel lightweight protocol (Light-AHAKA) for authenticating IoT-Cloud elements and establishing a key agreement for encrypting the exchanged sensitive data was proposed. In this paper, the formal verification of (Light-AHAKA) was presented to prove and verify the correctness of our proposed protocol to ensure that the protocol is free from design flaws before the deployment phase. The verification is performed based on two different approaches, the strand space model and the automated validation of internet security protocols and applications (AVISPA) tool.

scholarly journals SECURING IOT WITH BLOCKCHAIN

2021 ◽  
Vol XLVI-4/W5-2021 ◽  
pp. 529-532
Author(s):  
K. O. Toka ◽  
Y. Dikilitaş ◽  
T. Oktay ◽  
A. Sayar
Keyword(s):  
Data Transfer ◽  
Internet Security ◽  
Daily Lives ◽  
Iot Security ◽  
New Approach ◽  
Security Issues ◽  
Battery Power ◽  
Iot Devices ◽  
Processing And Storage ◽  
And Storage

Abstract. IoT is becoming ubiquitous in industry, homes, cities, literally in every aspect of our daily lives. Securing IoT-based systems is difficult because of deficiencies in the very nature of IoT devices such as limited battery power, processing, and storage, etc. Blockchain is a new approach used to securely record transactions and offers potential solutions to computer and internet security issues such as confidentiality, integrity, availability, authentication, authorization, and accountability. Blockchain, as a decentralized ledger consisting of interconnected blocks, can remedy most of the security deficiencies of heavily IoT based systems. The Hyperledger Fabric blockchain network used in this study provides confidentiality, data integrity, authentication, and data security for data obtained from IoT devices. Widely used IoT data transfer MQTT protocol is included in the proposed approach. The approach is demonstrated in a simple demo Hyperledger network with simulated IoT devices. The proposed approach is discussed in terms of network security dimensions. Based on the features of the Hyperledger Blockchain network, it is displayed that the IoT security deficiencies can largely be remedied with the proposed approach.

scholarly journals Security Analysis of DDoS Attacks Using Machine Learning Algorithms in Networks Traffic

Electronics ◽  
2021 ◽  
Vol 10 (23) ◽  
pp. 2919
Author(s):  
Rami J. Alzahrani ◽  
Ahmed Alzahrani
Keyword(s):  
Machine Learning ◽  
Random Forest ◽  
Decision Tree ◽  
New Technology ◽  
Security Analysis ◽  
Computation Time ◽  
Machine Learning Algorithms ◽  
The Internet ◽  
Ddos Attacks ◽  
Iot Devices

The recent advance in information technology has created a new era named the Internet of Things (IoT). This new technology allows objects (things) to be connected to the Internet, such as smart TVs, printers, cameras, smartphones, smartwatches, etc. This trend provides new services and applications for many users and enhances their lifestyle. The rapid growth of the IoT makes the incorporation and connection of several devices a predominant procedure. Although there are many advantages of IoT devices, there are different challenges that come as network anomalies. In this research, the current studies in the use of deep learning (DL) in DDoS intrusion detection have been presented. This research aims to implement different Machine Learning (ML) algorithms in WEKA tools to analyze the detection performance for DDoS attacks using the most recent CICDDoS2019 datasets. CICDDoS2019 was found to be the model with best results. This research has used six different types of ML algorithms which are K_Nearest_Neighbors (K-NN), super vector machine (SVM), naïve bayes (NB), decision tree (DT), random forest (RF) and logistic regression (LR). The best accuracy result in the presented evaluation was achieved when utilizing the Decision Tree (DT) and Random Forest (RF) algorithms, 99% and 99%, respectively. However, the DT is better than RF because it has a shorter computation time, 4.53 s and 84.2 s, respectively. Finally, open issues for further research in future work are presented.

scholarly journals A Proficient Algorithm For Mining Frequent Item Sets

2019 ◽  
Vol 8 (11) ◽  
pp. 3096-3099
Keyword(s):  
Computation Time ◽  
Reduction Factor ◽  
Sensor Data ◽  
Total Execution Time ◽  
Efficient Procedure ◽  
Frequent Item ◽  
Big Data Applications ◽  
Iot Devices ◽  
Frequent Item Sets ◽  
And Storage

Frequent Item set Mining (FIM) discover recurrent item sets that are extremely associated in a transactional database. It can be used in big data applications like gene extraction, social network analysis, IOT devices sensor data analysis, etc. As the data size keeps on growing, an efficient procedure is necessary to process the enormous volume of data. Apriori is one of the topmost algorithm and its entry enhanced the research in mining. The algorithm requires multiple scans of the database and produce more candidate items, which increase the computation time and storage along with the transactions size. An efficient technique is required to boost the performance of the algorithm in terms of storage and computational complexity. To reduce the complexity we proposed a reduction factor to Apriori and it can be adopted before candidate generation. Experimental results revealed that our proposed technique greatly reduce the total execution time as well as storage requirements.

scholarly journals rTLS: Secure and Efficient TLS Session Resumption for the Internet of Things

Sensors ◽  
2021 ◽  
Vol 21 (19) ◽  
pp. 6524
Author(s):  
Koen Tange ◽  
Sebastian Mödersheim ◽  
Apostolos Lalos ◽  
Xenofon Fafoutis ◽  
Nicola Dragoni
Keyword(s):  
Internet Of Things ◽  
Task Force ◽  
Security Analysis ◽  
Security Protocol ◽  
Transport Layer ◽  
The Internet ◽  
Replay Attacks ◽  
Iot Devices ◽  
Bandwidth Overhead ◽  
The Internet Of Things

In recent years, the Transport Layer Security (TLS) protocol has enjoyed rapid growth as a security protocol for the Internet of Things (IoT). In its newest iteration, TLS 1.3, the Internet Engineering Task Force (IETF) has standardized a zero round-trip time (0-RTT) session resumption sub-protocol, allowing clients to already transmit application data in their first message to the server, provided they have shared session resumption details in a previous handshake. Since it is common for IoT devices to transmit periodic messages to a server, this 0-RTT protocol can help in reducing bandwidth overhead. Unfortunately, the sub-protocol has been designed for the Web and is susceptible to replay attacks. In our previous work, we adapted the 0-RTT protocol to strengthen it against replay attacks, while also reducing bandwidth overhead, thus making it more suitable for IoT applications. However, we did not include a formal security analysis of the protocol. In this work, we address this and provide a formal security analysis using OFMC. Further, we have included more accurate estimates on its performance, as well as making minor adjustments to the protocol itself to reduce implementation ambiguity and improve resilience.

scholarly journals A novel approach for IoT tasks offloading in edge-cloud environments

2021 ◽  
Vol 10 (1) ◽  
Author(s):  
Jaber Almutairi ◽  
Mohammad Aldossary
Keyword(s):  
Service Time ◽  
Edge Computing ◽  
Cloud System ◽  
Novel Approach ◽  
Delay Sensitivity ◽  
Cloud Environments ◽  
Application Characteristics ◽  
Iot Devices ◽  
Computational Resources ◽  
And Storage

AbstractRecently, the number of Internet of Things (IoT) devices connected to the Internet has increased dramatically as well as the data produced by these devices. This would require offloading IoT tasks to release heavy computation and storage to the resource-rich nodes such as Edge Computing and Cloud Computing. Although Edge Computing is a promising enabler for latency-sensitive related issues, its deployment produces new challenges. Besides, different service architectures and offloading strategies have a different impact on the service time performance of IoT applications. Therefore, this paper presents a novel approach for task offloading in an Edge-Cloud system in order to minimize the overall service time for latency-sensitive applications. This approach adopts fuzzy logic algorithms, considering application characteristics (e.g., CPU demand, network demand and delay sensitivity) as well as resource utilization and resource heterogeneity. A number of simulation experiments are conducted to evaluate the proposed approach with other related approaches, where it was found to improve the overall service time for latency-sensitive applications and utilize the edge-cloud resources effectively. Also, the results show that different offloading decisions within the Edge-Cloud system can lead to various service time due to the computational resources and communications types.

scholarly journals Multiparty weighted threshold quantum secret sharing based on the Chinese remainder theorem to share quantum information

2021 ◽  
Vol 11 (1) ◽  
Author(s):  
Yao-Hsin Chou ◽  
Guo-Jyun Zeng ◽  
Xing-Yu Chen ◽  
Shu-Yu Kuo
Keyword(s):  
Quantum Information ◽  
Phase Shift ◽  
Quantum State ◽  
Secret Sharing ◽  
Chinese Remainder Theorem ◽  
Security Analysis ◽  
Quantum Secret Sharing ◽  
Security Protocol ◽  
Multiple Quantum ◽  
Cryptographic Primitive

AbstractSecret sharing is a widely-used security protocol and cryptographic primitive in which all people cooperate to restore encrypted information. The characteristics of a quantum field guarantee the security of information; therefore, many researchers are interested in quantum cryptography and quantum secret sharing (QSS) is an important research topic. However, most traditional QSS methods are complex and difficult to implement. In addition, most traditional QSS schemes share classical information, not quantum information which makes them inefficient to transfer and share information. In a weighted threshold QSS method, each participant has each own weight, but assigning weights usually costs multiple quantum states. Quantum state consumption will therefore increase with the weight. It is inefficient and difficult, and therefore not able to successfully build a suitable agreement. The proposed method is the first attempt to build multiparty weighted threshold QSS method using single quantum particles combine with the Chinese remainder theorem (CRT) and phase shift operation. The proposed scheme allows each participant has its own weight and the dealer can encode a quantum state with the phase shift operation. The dividing and recovery characteristics of CRT offer a simple approach to distribute partial keys. The reversibility of phase shift operation can encode and decode the secret. The proposed weighted threshold QSS scheme presents the security analysis of external attacks and internal attacks. Furthermore, the efficiency analysis shows that our method is more efficient, flexible, and simpler to implement than traditional methods.

scholarly journals What If Keys Are Leaked? towards Practical and Secure Re-Encryption in Deduplication-Based Cloud Storage

Information ◽  
2021 ◽  
Vol 12 (4) ◽  
pp. 142
Author(s):  
Weijing You ◽  
Lei Lei ◽  
Bo Chen ◽  
Limin Liu
Keyword(s):  
Experimental Evaluation ◽  
Cloud Storage ◽  
Security Analysis ◽  
Encrypted Data ◽  
Cloud Data ◽  
Storage Cost ◽  
Outsourced Data ◽  
Proof Of Ownership ◽  
Client Side ◽  
Over Time

By only storing a unique copy of duplicate data possessed by different data owners, deduplication can significantly reduce storage cost, and hence is used broadly in public clouds. When combining with confidentiality, deduplication will become problematic as encryption performed by different data owners may differentiate identical data which may then become not deduplicable. The Message-Locked Encryption (MLE) is thus utilized to derive the same encryption key for the identical data, by which the encrypted data are still deduplicable after being encrypted by different data owners. As keys may be leaked over time, re-encrypting outsourced data is of paramount importance to ensure continuous confidentiality, which, however, has not been well addressed in the literature. In this paper, we design SEDER, a SEcure client-side Deduplication system enabling Efficient Re-encryption for cloud storage by (1) leveraging all-or-nothing transform (AONT), (2) designing a new delegated re-encryption (DRE), and (3) proposing a new proof of ownership scheme for encrypted cloud data (PoWC). Security analysis and experimental evaluation validate security and efficiency of SEDER, respectively.

scholarly journals Practical Cross-Layer Radio Frequency-Based Authentication Scheme for Internet of Things

Sensors ◽  
2021 ◽  
Vol 21 (12) ◽  
pp. 4034
Author(s):  
Arie Haenel ◽  
Yoram Haddad ◽  
Maryline Laurent ◽  
Zonghua Zhang
Keyword(s):  
Internet Of Things ◽  
Radio Frequency ◽  
Real Life ◽  
Computation Time ◽  
Cost Effective ◽  
Battery Life ◽  
Cross Layer ◽  
Security Level ◽  
Cost Of Energy ◽  
Iot Devices

The Internet of Things world is in need of practical solutions for its security. Existing security mechanisms for IoT are mostly not implemented due to complexity, budget, and energy-saving issues. This is especially true for IoT devices that are battery powered, and they should be cost effective to be deployed extensively in the field. In this work, we propose a new cross-layer approach combining existing authentication protocols and existing Physical Layer Radio Frequency Fingerprinting technologies to provide hybrid authentication mechanisms that are practically proved efficient in the field. Even though several Radio Frequency Fingerprinting methods have been proposed so far, as a support for multi-factor authentication or even on their own, practical solutions are still a challenge. The accuracy results achieved with even the best systems using expensive equipment are still not sufficient on real-life systems. Our approach proposes a hybrid protocol that can save energy and computation time on the IoT devices side, proportionally to the accuracy of the Radio Frequency Fingerprinting used, which has a measurable benefit while keeping an acceptable security level. We implemented a full system operating in real time and achieved an accuracy of 99.8% for the additional cost of energy, leading to a decrease of only ~20% in battery life.

Sign in / Sign up

Export Citation Format

Share Document