scholarly journals Contemporary Physical Clone-Resistant Identity for IoTs and Emerging Technologies

Cryptography ◽  
2021 ◽  
Vol 5 (4) ◽  
pp. 32
Author(s):  
Emad Hamadaqa ◽  
Saleh Mulhem ◽  
Wael Adi ◽  
Mladen Berekovic
Keyword(s):  
Communication Networks ◽  
Public Key Cryptography ◽  
Security Requirements ◽  
Secret Key ◽  
Open Communication ◽  
Secret Keys ◽  
Iot Devices ◽  
Classical Means ◽  
Future Technologies ◽  
Identification Techniques

Internet of things (IoT) technologies have recently gained much interest from numerous industries, where devices, machines, sensors, or simply things are linked with each other over open communication networks. However, such an operation environment brings new security threats and technology challenges in securing and stabilizing such large systems in the IoT world. Device identity in such an environment is an essential security requirement as a secure anchor for most applications towards clone-resistant resilient operational security. This paper analyzes different contemporary authenticated identification techniques and discusses possible future technologies for physically clone-resistant IoT units. Two categories of identification techniques to counteract cloning IoT units are discussed. The first category is inherently cloneable and includes the classical identification mechanisms based on secret and public key cryptography. Such techniques deploy mainly secret keys stored permanently somewhere in the IoT devices as classical means to make units clone-resistant. However, such techniques are inherently cloneable as the manufacturer or device personalizers can clone them by re-using the same secret key (which must be known to somebody) or reveal keys to third parties to create cloned entities. In contrast, the second, more resilient category is inherently unclonable because it deploys unknown and hard to predict born analog modules such as physical unclonable functions (PUFs) or mutated digital modules and so-called secret unknown ciphers (SUCs). Both techniques are DNA-like identities and hard to predict and clone even by the manufacturer itself. Born PUFs were introduced two decades ago; however, PUFs as analog functions failed to serve as practically usable unclonable electronic identities due to being costly, unstable/inconsistent, and non-practical for mass application. To overcome the drawbacks of analog PUFs, SUCs techniques were introduced a decade ago. SUCs, as mutated modules, are highly consistent, being digital modules. However, as self-mutated digital modules, they offer only clone-resistant identities. Therefore, the SUC technique is proposed as a promising clone-resistant technology embedded in emerging IoT units in non-volatile self-reconfiguring devices. The main threats and expected security requirements in the emerging IoT applications are postulated. Finally, the presented techniques are analyzed, classified, and compared considering security, performance, and complexity given future expected IoT security features and requirements.

scholarly journals Approaching the Communication Constraints of Ethereum-Based Decentralized Applications

Sensors ◽  
2019 ◽  
Vol 19 (11) ◽  
pp. 2647 ◽  
Author(s):  
Matevž Pustišek ◽  
Anton Umek ◽  
Andrej Kos
Keyword(s):  
Communication Networks ◽  
Security Requirements ◽  
Data Traffic ◽  
High Coverage ◽  
Related Data ◽  
Remote Server ◽  
Small Influence ◽  
Store Location ◽  
Iot Devices ◽  
The Internet Of Things

Those working on Blockchain technologies have described several new innovative directions and novel services in the Internet of things (IoT), including decentralized trust, trusted and verifiable execution of smart contracts, and machine-to-machine communications and automation that reach beyond the mere exchange of data. However, applying blockchain principles in the IoT is a challenge due to the constraints of the end devices. Because of fierce cost pressure, the hardware resources in these devices are usually reduced to the minimum necessary for operation. To achieve the high coverage needed, low bitrate mobile or wireless technologies are frequently applied, so the communication is often constrained, too. These constraints make the implementation of blockchain nodes for IoT as standalone end-devices impractical or even impossible. We therefore investigated possible design approaches to decentralized applications based on the Ethereum blockchain for the IoT. We proposed and evaluated three application architectures differing in communication, computation, storage, and security requirements. In a pilot setup we measured and analyzed the data traffic needed to run the blockchain clients and their applications. We found out that with the appropriate designs and the remote server architecture we can strongly reduce the storage and communication requirements imposed on devices, with predictable security implications. Periodic device traffic is reduced to 2400 B/s (HTTP) and 170 B/s (Websocket) from about 18 kB/s in the standalone-device full client architecture. A notification about a captured blockchain event and the corresponding verification resulted in about 2000 B of data. A transaction sent from the application to the client resulted in an about 500 B (HTTP) and 300 B message (Websocket). The key store location, which affects the serialization of a transaction, only had a small influence on the transaction-related data. Raw transaction messages were 45 B larger than when passing the JSON transaction objects. These findings provide directions for fog/cloud IoT application designers to avoid unrealistic expectations imposed upon their IoT devices and blockchain technologies, and enable them to select the appropriate system design according to the intended use case and system constraints. However, for very low bit-rate communication networks, new communication protocols for device to blockchain-client need to be considered.

scholarly journals Asymmetric Secret Key Transfer Scheme over an Open Channel in K-Deterministic Groups with the Conditions C (3) –T (6)

2019 ◽  
pp. 88-111
Author(s):  
N. V. Bezverkhniy ◽  
M. V. Nikitina
Keyword(s):  
Communication Channel ◽  
Inverse Function ◽  
Recognition Algorithm ◽  
Key Exchange ◽  
Secret Key ◽  
Open Communication ◽  
Transfer Scheme ◽  
Secret Keys ◽  
The One ◽  
One Way Function

The article solves a problem of developing a scheme to provide a secret key exchange over an open communication channel. The basic idea of creating such a scheme is well known. It is based on a concept of the one-way function. This refers to the functions whose values are calculated much easier than the inverse function values. When developing the one-way functions a recognition algorithm of words equality in groups with conditions of small cancellation C (3) - T (6) is used. In this case, the group is represented by a set of its generating and determining relations. All the work to accomplish development of algorithms and evaluate their complexity is carried out using the group diagrams of equality. The existence of such diagrams is proved in the well-known van Campen lemma. The paper result is that the proposed scheme for the exchange of secret keys has the following properties. Direct algorithms have a linear complexity, and a complexity of the inverse algorithms is exponential. It should be noted that the algorithms complexity was estimated by the areas of the corresponding group diagrams, which are determined by the number of areas they include. The constructed secret key represents some element of a pre-selected group with conditions C (3) – T (6). It can be represented in an infinite number of ways by words in the alphabet from the generators of the group. Thus, the remaining obstacle to the practical application of the key exchange scheme developed is the ambiguity of the secret key record. Finding a common representative as the lexicographically shortest word in the class of equal words turns out to be too difficult. Thus, this question remains open. Although the task of exchanging secret keys itself can be formally considered as solved.

scholarly journals Cryptanalysis and improvement of an encryption scheme that uses elliptic curves over finite fields

2021 ◽  
Vol 49 (1) ◽  
Author(s):  
Malik Zia Ullah Bashir ◽  
◽  
Rashid Ali ◽  
Keyword(s):  
Elliptic Curves ◽  
Discrete Logarithm ◽  
Security Requirements ◽  
Encryption Scheme ◽  
Secret Key ◽  
Public Keys ◽  
Secret Keys ◽  
Curves Over Finite Fields ◽  
Original Message ◽  
Global Parameters

In this paper, we cryptanalyzed a recently proposed encryption scheme that uses elliptic curves over a finite field. The security of the proposed scheme depends upon the elliptic curve discrete logarithm problem. Two secret keys are used to increase the security strength of the scheme as compared to traditionally used schemes that are based on one secret key. In this scheme, if an adversary gets one secret key then he is unable to get the contents of the original message without the second secret key. Our analysis shows that the proposed scheme is not secure and unable to provide the basic security requirements of the encryption scheme. Due to our successful cryptanalysis, an adversary can get the contents of the original message without the knowledge of the secret keys of the receiver. To mount the attack, Mallory first gets the transmitted ciphertext and then uses public keys of the receiver and global parameters of the scheme to recover the associated plaintext message. To overcome the security flaws, we introduced an improved version of the scheme.

scholarly journals Noise-Resilient Neural Network-Based Adversarial Attack Modeling for XOR Physical Unclonable Functions

2020 ◽  
Author(s):  
Ahmad Aseeri
Keyword(s):  
Neural Network ◽  
Integrated Circuits ◽  
Prediction Accuracy ◽  
Security Requirements ◽  
Secret Key ◽  
Training Time ◽  
Physical Unclonable Functions ◽  
Dataset Size ◽  
Iot Devices ◽  
Access To Data

Authentication plays an essential role in preventing unauthorized access to data and resources on the Internet of Things. Classical security mechanisms fall short of achieving security requirements against many physical attacks due to the resource-constraint nature of IoT devices. Physical Unclonable Functions (PUFs) have been successfully used for lightweight security applications such as devices authentication and secret key generation. PUFs utilize the inevitable variation of integrated circuits during the fabrication process to produce unique responses for individual PUF, hence not reproducible even by the manufacturer itself. However, PUFs are mathematically cloneable by machine learning-based methods. XOR arbiter PUFs are one group of PUFs that can withstand existing attack methods unless exceedingly long training time and large dataset size are applied. In this paper, large-sized XOR PUFs with 64-bit and 128-bit challenges were efficiently and effectively attacked using a carefully engineered neural network-based method. Our fine-tuned neural network-based adversarial models achieve 99% prediction accuracy on noise-free datasets and as low as 96% prediction accuracy on noisy datasets, using up to 55% smaller dataset size compared to existing works known to us. Revealing such vulnerabilities is essential for PUF developers to re-evaluate existing PUF designs, hence avoiding potential risks for IoT devices.

Bringing Security to The Smallest Embedded Systems

2017 ◽  
Author(s):  
JOSEPH YIU
Keyword(s):  
Internet Of Things ◽  
Embedded Systems ◽  
Low Cost ◽  
Security Requirements ◽  
The Internet ◽  
Security Measures ◽  
Significant Challenge ◽  
Iot Devices

The increasing need for security in microcontrollers Security has long been a significant challenge in microcontroller applications(MCUs). Traditionally, many microcontroller systems did not have strong security measures against remote attacks as most of them are not connected to the Internet, and many microcontrollers are deemed to be cheap and simple. With the growth of IoT (Internet of Things), security in low cost microcontrollers moved toward the spotlight and the security requirements of these IoT devices are now just as critical as high-end systems due to:

scholarly journals ID-based key-insulated signcryption with equality test in cloud computing

2021 ◽  
Vol 3 (4) ◽  
Author(s):  
Seth Alornyo ◽  
Kingsford Kissi Mireku ◽  
Mustapha Adamu Mohammed ◽  
Daniel Adu-Gyamfi ◽  
Michael Asante
Keyword(s):  
Cloud Computing ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Harsh Environments ◽  
Secret Key ◽  
Secret Keys ◽  
Security Property ◽  
Equality Test ◽  
Chosen Ciphertext Attack ◽  
Chosen Message Attack

AbstractKey-insulated encryption reduces the problem of secret key exposure in hostile setting while signcryption cryptosystem attains the benefits of digitally signing a ciphertext and public key cryptosystem. In this study, we merge the primitives of parallel key-insulation cryptosystem and signcryption with equality test to construct ID-based parallel key-insulated signcryption with a test for equality (ID-PKSET) in cloud computing. The construction prevent data forgery, data re-play attacks and reduces the leakage of secret keys in harsh environments. Our scheme attains the security property of existential unforgeable chosen message attack (EUF-CMA) and indistinquishable identity chosen ciphertext attack (IND-ID-CCA2) using random oracle model.

Computing Blindfolded on Data Homomorphically Encrypted under Multiple Keys: A Survey

2022 ◽  
Vol 54 (9) ◽  
pp. 1-37
Author(s):  
Asma Aloufi ◽  
Peizhao Hu ◽  
Yongsoo Song ◽  
Kristin Lauter
Keyword(s):  
Homomorphic Encryption ◽  
Lessons Learned ◽  
Secret Key ◽  
Sensitive Data ◽  
Encrypted Data ◽  
Outsourced Computation ◽  
Secret Keys ◽  
Comprehensive Survey ◽  
Multiple Keys ◽  
Cryptographic Techniques

With capability of performing computations on encrypted data without needing the secret key, homomorphic encryption (HE) is a promising cryptographic technique that makes outsourced computations secure and privacy-preserving. A decade after Gentry’s breakthrough discovery of how we might support arbitrary computations on encrypted data, many studies followed and improved various aspects of HE, such as faster bootstrapping and ciphertext packing. However, the topic of how to support secure computations on ciphertexts encrypted under multiple keys does not receive enough attention. This capability is crucial in many application scenarios where data owners want to engage in joint computations and are preferred to protect their sensitive data under their own secret keys. Enabling this capability is a non-trivial task. In this article, we present a comprehensive survey of the state-of-the-art multi-key techniques and schemes that target different systems and threat models. In particular, we review recent constructions based on Threshold Homomorphic Encryption (ThHE) and Multi-Key Homomorphic Encryption (MKHE). We analyze these cryptographic techniques and schemes based on a new secure outsourced computation model and examine their complexities. We share lessons learned and draw observations for designing better schemes with reduced overheads.

Hiding Data in Plain Sight: Towards Provably Unbreakable Encryption with Short Secret Keys and One-Way Functions

2021 ◽  
Author(s):  
Mircea-Adrian Digulescu
Keyword(s):  
Encryption Scheme ◽  
Secret Key ◽  
Small Probability ◽  
Random Data ◽  
Computing Power ◽  
Plain Text ◽  
Secret Keys ◽  
The One ◽  
One Way Function ◽  
The Cost

It has long been known that cryptographic schemes offering provably unbreakable security exist, namely the One Time Pad (OTP). The OTP, however, comes at the cost of a very long secret key - as long as the plain-text itself. In this paper we propose an encryption scheme which we (boldly) claim offers the same level of security as the OTP, while allowing for much shorter keys, of size polylogarithmic in the computing power available to the adversary. The Scheme requires a large sequence of truly random words, of length polynomial in the both plain-text size and the logarithm of the computing power the adversary has. We claim that it ensures such an attacker cannot discern the cipher output from random data, except with small probability. We also show how it can be adapted to allow for several plain-texts to be encrypted in the same cipher output, with almost independent keys. Also, we describe how it can be used in lieu of a One Way Function.

scholarly journals Securing Vehicle Communication Systems by the KLJN Key Exchange Protocol

2014 ◽  
Vol 13 (03) ◽  
pp. 1450020 ◽  
Author(s):  
Y. Saez ◽  
X. Cao ◽  
L. B. Kish ◽  
G. Pesti
Keyword(s):  
Communication Networks ◽  
Communication Systems ◽  
Security Requirements ◽  
Communication Security ◽  
Vehicular Communication ◽  
Johnson Noise ◽  
Key Exchange Protocol ◽  
Communication Architecture ◽  
Vehicle Communication ◽  
Vehicular Communication Networks

We review the security requirements for vehicular communication networks and provide a critical assessment of some typical communication security solutions. We also propose a novel unconditionally secure vehicular communication architecture that utilizes the Kirchhoff-law–Johnson-noise (KLJN) key distribution scheme.

scholarly journals Analysis of security of post-quantum algorithm of Rainbow electronic signature against potential attacks

Radiotekhnika ◽  
2021 ◽  
pp. 85-93
Author(s):  
G.А. Maleeva
Keyword(s):  
Quantum Algorithm ◽  
Public Key Cryptography ◽  
Transformation Method ◽  
Accurate Estimate ◽  
Signature Scheme ◽  
Secret Key ◽  
Mathematical Basis ◽  
Electronic Signature ◽  
Post Quantum Cryptography ◽  
Band Separation

Multidimensional public key cryptography is a candidate for post-quantum cryptography, and it makes it possible  to generate particularly short signatures and quick verification. The Rainbow signature scheme proposed by J. Dean and D. Schmidt is such a multidimensional cryptosystem and it is considered to be protected against all known attacks. The need for research on Rainbow ES is justified by the fact that there is a need to develop and adopt a post-quantum national securities standard, and that in the process of the US NIST competition on the mathematical basis of cryptographic transformation method Rainbow, promising results. Therefore, it is considered important to take them into account and use them in Ukraine. The Rainbow signature scheme can be implemented simply and efficiently using linear algebra methods over a small finite field and, in particular, creates shorter signatures than those used in RSA and other post-quantum signatures [1]. In the 2nd round of NIST PQC, protected sets of Rainbow parameters are offered and several attacks on them are analyzed [1]. When comparing ES, preference is given to ES algorithms that have been selected according to unconditional criteria, as well as those that have better indicators for integral conditional criteria, because such a technique is more rational. In particular, the Rainbow-Band-Separation (RBS) attack [2] is the best known Rainbow attack with a certain set of parameters and is important. The Rainbow-Band-Separation attack restores the Rainbow secret key by solving certain systems of quadratic equations, and its complexity is measured by a well-known measure called the degree of regularity. However, as a rule, the degree of regularity is greater than the degree of solution in experiments, and it is impossible to obtain an accurate estimate. The paper proposes a new indicator of the complexity of the Rainbow-Band-Separation attack using  F4 algorithm, which gives a more accurate estimate compared to the indicator that uses the degree of regularity. The aim of the work is a comparative analysis of ES based on MQ-transformations on the criterion of stability-complexity and an attempt to understand the security of Rainbow against RBS attack using F4.

Sign in / Sign up

Export Citation Format

Share Document