A Strongly Unforgeable Certificateless Signature Scheme and Its Application in IoT Environments

With the widespread application of the Internet of Things (IoT), ensuring communication security for IoT devices is of considerable importance. Since IoT data are vulnerable to eavesdropping, tampering, forgery, and other attacks during an open network transmission, the integrity and authenticity of data are fundamental security requirements in the IoT. A certificateless signature (CLS) is a viable solution for providing data integrity, data authenticity, and identity identification in resource-constrained IoT devices. Therefore, designing a secure and efficient CLS scheme for IoT environments has become one of the main objectives of IoT security research. However, the existing CLS schemes rarely focus on strong unforgeability and replay attacks. Herein, we design a novel CLS scheme to protect the integrity and authenticity of IoT data. In addition to satisfying the strong unforgeability requirement, the proposed scheme also resists public key replacement attacks, malicious-but-passive key-generation-centre attacks, and replay attacks. Compared with other related CLS schemes without random oracles, our CLS scheme has a shorter private key, stronger security, and lower communication and computational costs.

Download Full-text

Approaching the Communication Constraints of Ethereum-Based Decentralized Applications

Sensors ◽

10.3390/s19112647 ◽

2019 ◽

Vol 19 (11) ◽

pp. 2647 ◽

Cited By ~ 3

Author(s):

Matevž Pustišek ◽

Anton Umek ◽

Andrej Kos

Keyword(s):

Communication Networks ◽

Security Requirements ◽

Data Traffic ◽

High Coverage ◽

Related Data ◽

Remote Server ◽

Small Influence ◽

Store Location ◽

Iot Devices ◽

The Internet Of Things

Those working on Blockchain technologies have described several new innovative directions and novel services in the Internet of things (IoT), including decentralized trust, trusted and verifiable execution of smart contracts, and machine-to-machine communications and automation that reach beyond the mere exchange of data. However, applying blockchain principles in the IoT is a challenge due to the constraints of the end devices. Because of fierce cost pressure, the hardware resources in these devices are usually reduced to the minimum necessary for operation. To achieve the high coverage needed, low bitrate mobile or wireless technologies are frequently applied, so the communication is often constrained, too. These constraints make the implementation of blockchain nodes for IoT as standalone end-devices impractical or even impossible. We therefore investigated possible design approaches to decentralized applications based on the Ethereum blockchain for the IoT. We proposed and evaluated three application architectures differing in communication, computation, storage, and security requirements. In a pilot setup we measured and analyzed the data traffic needed to run the blockchain clients and their applications. We found out that with the appropriate designs and the remote server architecture we can strongly reduce the storage and communication requirements imposed on devices, with predictable security implications. Periodic device traffic is reduced to 2400 B/s (HTTP) and 170 B/s (Websocket) from about 18 kB/s in the standalone-device full client architecture. A notification about a captured blockchain event and the corresponding verification resulted in about 2000 B of data. A transaction sent from the application to the client resulted in an about 500 B (HTTP) and 300 B message (Websocket). The key store location, which affects the serialization of a transaction, only had a small influence on the transaction-related data. Raw transaction messages were 45 B larger than when passing the JSON transaction objects. These findings provide directions for fog/cloud IoT application designers to avoid unrealistic expectations imposed upon their IoT devices and blockchain technologies, and enable them to select the appropriate system design according to the intended use case and system constraints. However, for very low bit-rate communication networks, new communication protocols for device to blockchain-client need to be considered.

Download Full-text

A Survey of Authentication Schemes in the Internet of Things

International Journal of Smart Security Technologies ◽

10.4018/ijsst.2019010102 ◽

2019 ◽

Vol 6 (1) ◽

pp. 15-30 ◽

Cited By ~ 1

Author(s):

Yasmine Labiod ◽

Abdelaziz Amara Korba ◽

Nacira Ghoualmi-Zine

Keyword(s):

Internet Of Things ◽

Security Requirements ◽

Security And Privacy ◽

The Internet ◽

Privacy And Security ◽

Depth Study ◽

Authentication Schemes ◽

Iot Devices ◽

Privacy Issues ◽

The Internet Of Things

In the recent years, the Internet of Things (IoT) has been widely deployed in different daily life aspects such as home automation, electronic health, the electric grid, etc. Nevertheless, the IoT paradigm raises major security and privacy issues. To secure the IoT devices, many research works have been conducted to counter those issues and discover a better way to remove those risks, or at least reduce their effects on the user's privacy and security requirements. This article mainly focuses on a critical review of the recent authentication techniques for IoT devices. First, this research presents a taxonomy of the current cryptography-based authentication schemes for IoT. In addition, this is followed by a discussion of the limitations, advantages, objectives, and attacks supported of current cryptography-based authentication schemes. Finally, the authors make in-depth study on the most relevant authentication schemes for IoT in the context of users, devices, and architecture that are needed to secure IoT environments and that are needed for improving IoT security and items to be addressed in the future.

Download Full-text

Security trends in Internet of Things: a survey

SN Applied Sciences ◽

10.1007/s42452-021-04156-9 ◽

2021 ◽

Vol 3 (1) ◽

Author(s):

Rachit ◽

Shobha Bhatt ◽

Prakash Rao Ragiri

Keyword(s):

Internet Of Things ◽

Research Community ◽

Security Requirements ◽

Embedded Devices ◽

Iot Security ◽

Security Research ◽

Security Models ◽

Security Challenges ◽

The Internet Of Things ◽

Insight Into

AbstractThe Internet of Things (IoT) is a network of embedded devices that are uniquely identifiable and have embedded software required to communicate between the transient states. The purpose of this study is to explore discrete IoT security challenges pertaining to currently deployed IoT standards and protocols. We have presented a detailed review in this study that focuses on IoT's imminent security aspects, covering identification of risks pertaining to the current IoT system, novel security protocols, and security projects proffered in recent years. This work presents an updated review of the IoT architecture in the protocols and standards that are proffered for the next-gen IoT systems. A security-specific comparative analysis of protocols, standards, and proffered security models are presented as per IoT security requirements. This study elicits the need for standardization at the communication and data audit level, which exposes the hardware, software, and data to various threats and attacks. Our study reveals a need for protocols that are competent enough to be accorded for over one threat vector. This paper provides an insight into the latest security research trends, which will prove beneficial in the development of IoT security. The research outcomes can benefit the research community in IoT by integrating IoT-based devices' best security aspects.

Download Full-text

Assesing the Services, security Threaths, Challenges and Solutions in the Internet of Things

Scalable Computing Practice and Experience ◽

10.12694/scpe.v20i3.1544 ◽

2019 ◽

Vol 20 (3) ◽

pp. 457-484 ◽

Cited By ~ 2

Author(s):

Syed Rameem Zahra ◽

Mohammad Ahsan Chishti

Keyword(s):

Internet Of Things ◽

Security Requirements ◽

Security And Privacy ◽

Wireless Sensor ◽

Personal Health ◽

Security Threats ◽

Recent Past ◽

The World ◽

Iot Devices ◽

The Internet Of Things

The purpose of this paper is to chalk out the criticality of the most important pillar of Internet of Things (IoT),i.e., Security and Privacy (S&P). IoT has seen its journey from implausible and impossible to sustainable and tenable. Its rateof expansion into various grounds from agriculture to sports; personal health to intelligent trac detection; waste managementto smart homes is astonishing, dramatic and unforeseen. With such vast adaptability and functionality, its security remains thebiggest concern because in contrast to the traditional networks, IoT faces huge vulnerabilities some of which are inherent and othersexplicit. The existing security solutions cannot be implemented in IoT because of its unique characteristics. Therefore, there is adire need to develop novel security procedures betting IoT. This paper spots the features that are peculiar to IoT and concurrentlyanalyzes the security threats and challenges they pose. This work also provides a glimpse of the major IoT implementations withtheir particular security requirements and challenges. Moreover, this paper critically evaluates the proposed countermeasures tosecurity attacks on dierent features and why they cannot be used in IoT environments. Also, it is found that most of the securitysolutions used in IoT devices are inspired from Wireless Sensor Networks (WSN) but the striking dierences among the two makethem inadequate in IoT. The security requirements and challenges peculiar to various IoT services are also identied. To assist theresearchers in remaining up-to-date, we for the rst time have thoroughly expressed some of the most famous and practical attacksfaced across the world in the recent past, how much damage they caused, how much nancial losses were faced, etc.

Download Full-text

A Strong Designated Verifier Proxy Re-Signature Scheme for IoT Environments

Symmetry ◽

10.3390/sym10110580 ◽

2018 ◽

Vol 10 (11) ◽

pp. 580 ◽

Cited By ~ 3

Author(s):

Xiao-Dong Yang ◽

Li-Kun Xiao ◽

Chun-Lin Chen ◽

Cai-Fen Wang

Keyword(s):

Security Model ◽

Daily Lives ◽

Random Oracles ◽

Resource Limited ◽

The Standard Model ◽

Identity Privacy ◽

Designated Verifier ◽

Iot Devices ◽

Definition Of ◽

The Internet Of Things

With the rapid popularization of the Internet of Things (IoT) in our daily lives, the communication security and identity privacy of IoT devices must be ensured. However, traditional authentication mechanisms utilized in IoT cannot completely ensure a user’s privacy when his/her messages are routed via an untrusted intermediate device. Strong designated-verifier proxy re-signature (SDVPRS) is a new cryptographic technology that combines the advantages of strong designated verifier signature and proxy re-signature. Therefore, SDVPRS is considered to be a better approach to maintain data integrity and protect the identity privacy of the signer in a resource-limited IoT device. Nevertheless, designing a secure SDVPRS scheme without random oracles is still a challenging task. In this paper, we mainly focus on such a construction by providing a new method. We first provide the formal definition of SDVPRS and its security model. Then, we present the first SDVPRS scheme, which is bidirectional, multi-use and non-transferable, and we prove its security under the standard complexity assumptions in the standard model. The analysis results show that our SDVPRS scheme can not only protect the privacy of the signer’s identity, but also provide non-delegatability for signature verification. We present an example of potential application to environmental monitoring systems using our SDVPRS scheme.

Download Full-text

A Survey of Authentication Schemes in the Internet of Things

Research Anthology on Blockchain Technology in Business, Healthcare, Education, and Government ◽

10.4018/978-1-7998-5351-0.ch093 ◽

2021 ◽

pp. 1715-1732

Author(s):

Yasmine Labiod ◽

Abdelaziz Amara Korba ◽

Nacira Ghoualmi-Zine

Keyword(s):

Internet Of Things ◽

Security Requirements ◽

Security And Privacy ◽

The Internet ◽

Privacy And Security ◽

Depth Study ◽

Authentication Schemes ◽

Iot Devices ◽

Privacy Issues ◽

The Internet Of Things

Download Full-text

Strongly Unforgeable Certificateless Signature Resisting Attacks from Malicious-But-Passive KGC

Security and Communication Networks ◽

10.1155/2017/5704865 ◽

2017 ◽

Vol 2017 ◽

pp. 1-8 ◽

Cited By ~ 6

Author(s):

Wenjie Yang ◽

Jian Weng ◽

Weiqi Luo ◽

Anjia Yang

Keyword(s):

Standard Model ◽

Digital Signature ◽

Theory And Practice ◽

Key Generation ◽

Random Oracles ◽

The Standard Model ◽

Certificateless Signature ◽

Adversarial Model ◽

Strong Unforgeability

In digital signature, strong unforgeability requires that an attacker cannot forge a new signature on any previously signed/new messages, which is attractive in both theory and practice. Recently, a strongly unforgeable certificateless signature (CLS) scheme without random oracles was presented. In this paper, we firstly show that the scheme fails to achieve strong unforgeability by forging a new signature on a previously signed message under its adversarial model. Then, we point out that the scheme is also vulnerable to the malicious-but-passive key generation center (MKGC) attacks. Finally, we propose an improved strongly unforgeable CLS scheme in the standard model. The improved scheme not only meets the requirement of strong unforgeability but also withstands the MKGC attacks. To the best of our knowledge, we are the first to prove a CLS scheme to be strongly unforgeable against the MKGC attacks without using random oracles.

Download Full-text

Predicting Internet of Things (IOT) Security and Privacy Risks – A Proposal Model: توقع مخاطر أمن وخصوصية إنترنت الأشياء (IOT) – نموذج مقترح بحثي

Journal of engineering sciences and information technology - مجلة العلوم الهندسية و تكنولوجيا المعلومات ◽

10.26389/ajsrp.q070621 ◽

2021 ◽

Vol 5 (3) ◽

pp. 133-112

Author(s):

Awad Saad Al-Qahtani, Mohammad Ayoub Khan Awad Saad Al-Qahtani, Mohammad Ayoub Khan

Keyword(s):

Internet Of Things ◽

Security Management ◽

Cyber Attacks ◽

Security Requirements ◽

Security And Privacy ◽

The Internet ◽

Security Risks ◽

Iot Security ◽

Iot Devices ◽

The Internet Of Things

The Internet of things (IOT) users lack awareness of IOT security infrastructure to handle the risks including Threats, attack and penetration associated with its use. IOT devices are main targets for cyber-attacks due to variable personally identifiable information (PII) stored and transmit in the cyber centers. The security risks of the Internet of Things aimed to damage user's security and privacy. All information about users can be collected from their related objects which are stored in the system or transferred through mediums among diverse smart objects and may exposed to exposed dangerous of attacks and threats if it lack authentication so there are essential need to make IOT security requirements as important part of its efficient implementation. These requirements include; availability, accountability, authentication, authorization, privacy and confidentiality, Integrity and Non-repudiation. The study design is a survey research to investigate the visibility of the proposed model of security management for IOT uses, the security risks of IOT devices, and the changes IOT technology on the IT infrastructure of IOT users through answering of the research questionnaires. This work proposes a model of security management for IOT to predict IOT security and privacy threats, protect IOT users from any unforeseen dangers, and determine the right security mechanisms and protocols for IOT security layers, as well as give the most convenient security mechanisms. Moreover, for enhancing the performance of IOT networks by selecting suitable security mechanisms for IOT layers to increase IOT user's security satisfaction.

Download Full-text

Decentralized Data Aggregation: A New Secure Framework Based on Lightweight Cryptographic Algorithms

Wireless Communications and Mobile Computing ◽

10.1155/2021/5565663 ◽

2021 ◽

Vol 2021 ◽

pp. 1-12

Author(s):

Xin Xie ◽

Yu-Chi Chen

Keyword(s):

Data Aggregation ◽

Data Privacy ◽

Differential Privacy ◽

Security Requirements ◽

Cryptographic Primitives ◽

Privacy And Security ◽

System A ◽

Iot Devices ◽

Access Data ◽

The Internet Of Things

Blockchain has become very popular and suitable to the Internet of Things (IoT) field due to its nontamperability and decentralization properties. The number of IoT devices and leaders (who own IoT devices) is increased exponentially, and thus, data privacy and security are undoubtedly significant concerns. In this paper, we summarize some issues for the BeeKeeper system, a blockchain-based IoT system, proposed by Zhou et al., and then aim for presenting an improved solution for decentralized data aggregation (DDA) on IoT. Firstly, we formally state the security requirements of DDA. Secondly, we propose our basic DDA system by using secret sharing to improve its efficiency and smart contracts as the computing processors. Moreover, the proposed full-fledged system achieves data sharing (e.g., a leader to access data of others’ devices), which is realized by using local differential privacy and cryptographic primitives such as token-based encryption. Finally, to show the feasibility, we provide some implementations and experiments for the DDA systems.

Download Full-text

rTLS: Secure and Efficient TLS Session Resumption for the Internet of Things

Sensors ◽

10.3390/s21196524 ◽

2021 ◽

Vol 21 (19) ◽

pp. 6524

Author(s):

Koen Tange ◽

Sebastian Mödersheim ◽

Apostolos Lalos ◽

Xenofon Fafoutis ◽

Nicola Dragoni

Keyword(s):

Internet Of Things ◽

Task Force ◽

Security Analysis ◽

Security Protocol ◽

Transport Layer ◽

The Internet ◽

Replay Attacks ◽

Iot Devices ◽

Bandwidth Overhead ◽

The Internet Of Things

In recent years, the Transport Layer Security (TLS) protocol has enjoyed rapid growth as a security protocol for the Internet of Things (IoT). In its newest iteration, TLS 1.3, the Internet Engineering Task Force (IETF) has standardized a zero round-trip time (0-RTT) session resumption sub-protocol, allowing clients to already transmit application data in their first message to the server, provided they have shared session resumption details in a previous handshake. Since it is common for IoT devices to transmit periodic messages to a server, this 0-RTT protocol can help in reducing bandwidth overhead. Unfortunately, the sub-protocol has been designed for the Web and is susceptible to replay attacks. In our previous work, we adapted the 0-RTT protocol to strengthen it against replay attacks, while also reducing bandwidth overhead, thus making it more suitable for IoT applications. However, we did not include a formal security analysis of the protocol. In this work, we address this and provide a formal security analysis using OFMC. Further, we have included more accurate estimates on its performance, as well as making minor adjustments to the protocol itself to reduce implementation ambiguity and improve resilience.

Download Full-text