scholarly journals Enterprise Security for the Internet of Things (IoT): Lightweight Bootstrapping with EAP-NOOB

Sensors ◽  
2020 ◽  
Vol 20 (21) ◽  
pp. 6101
Author(s):  
Aleksi Peltonen ◽  
Eduardo Inglés ◽  
Sampsa Latvala ◽  
Dan Garcia-Carrillo ◽  
Mohit Sethi ◽  
...  
Keyword(s):  
Authentication Protocol ◽  
The Internet ◽  
Resource Constrained ◽  
Window Blinds ◽  
Enterprise Security ◽  
Implementation Experience ◽  
The Internet Of Things ◽  
Extensible Authentication Protocol ◽  
Resource Constrained Devices ◽  
Constrained Devices

The emergence of radio technologies, such as Zigbee, Z-Wave, and Bluetooth Mesh, has transformed simple physical devices into smart objects that can understand and react to their environment. Devices, such as light bulbs, door locks, and window blinds, can now be connected to, and remotely controlled from, the Internet. Given the resource-constrained nature of many of these devices, they have typically relied on the use of universal global shared secrets for the initial bootstrapping and commissioning phase. Such a scheme has obvious security weaknesses and it also creates undesirable walled-gardens where devices of one ecosystem do not inter-operate with the other. In this paper, we investigate whether the standard Extensible Authentication Protocol (EAP) framework can be used for secure bootstrapping of resource-constrained devices. EAP naturally provides the benefits of per-device individual credentials, straightforward revocation, and isolation of devices. In particular, we look at the Nimble out-of-band authentication for EAP (EAP-NOOB) as a candidate EAP authentication method. EAP-NOOB greatly simplifies deployment of such devices as it does not require them to be pre-provisioned with credentials of any sort. Based on our implementation experience on off-the-shelf hardware, we demonstrate that lightweight EAP-NOOB is indeed a way forward to securely bootstrap such devices.

Management of resource constrained devices in the internet of things

2012 ◽  
Vol 50 (12) ◽  
pp. 144-149 ◽  
Author(s):  
Anuj Sehgal ◽  
Vladislav Perelman ◽  
Siarhei Kuryla ◽  
Jurgen Schonwalder
Keyword(s):  
Internet Of Things ◽  
The Internet ◽  
Resource Constrained ◽  
The Internet Of Things ◽  
Resource Constrained Devices ◽  
Constrained Devices

scholarly journals Lightweight Authentication Protocol for M2M Communications of Resource-Constrained Devices in Industrial Internet of Things

Sensors ◽  
2020 ◽  
Vol 20 (2) ◽  
pp. 501 ◽  
Author(s):  
Evangelina Lara ◽  
Leocundo Aguilar ◽  
Mauricio A. Sanchez ◽  
Jesús A. García
Keyword(s):  
Internet Of Things ◽  
Failure Detection ◽  
Authentication Protocol ◽  
Internet Security ◽  
Industrial Internet Of Things ◽  
Resource Constrained ◽  
Machine Failure ◽  
Industrial Internet ◽  
Resource Constrained Devices ◽  
Constrained Devices

The Industrial Internet of Things (IIoT) consists of sensors, networks, and services to connect and control production systems. Its benefits include supply chain monitoring and machine failure detection. However, it has many vulnerabilities, such as industrial espionage and sabotage. Furthermore, many IIoT devices are resource-constrained, which impedes the use of traditional security services for them. Authentication allows devices to be confident of each other’s identity, preventing some security attacks. Many authentication protocols have been proposed for IIoT; however, they have high computing requirements not viable to resource-constrained devices, or they have been found insecure. In this paper, an authentication protocol for resource-constrained IIoT devices is proposed. It is based on the lightweight operations xor, addition, and subtraction, and a hash function. Also, only four messages are exchanged between the principals to authenticate. It has a low execution-time and communication-cost. Its security was successfully assessed with the formal methods Automated Validation of Internet Security Protocols and Applications (AVISPA) tool and Burrows–Abadi–Needham (BAN) logic, together with an informal analysis of its resistance to known attacks. Its performance and security were compared with state-of-the-art protocols, resulting in a good performance for resource-constrained IIoT devices, and higher security similar to computational expensive schemes.

scholarly journals Towards Light Weight Cryptography Schemes for Resource Constraint Devices in IoT

2020 ◽  
Author(s):  
Santosh Pandurang Jadhav
Keyword(s):  
Processing Capacity ◽  
Light Weight ◽  
Resource Constrained ◽  
Computational Costs ◽  
Encryption And Decryption ◽  
Limited Power ◽  
Iot Devices ◽  
The Internet Of Things ◽  
Resource Constrained Devices ◽  
Constrained Devices

The Internet of Things (IoT) is becoming the most relevant next Internet-related revolution in the world of Technology. It permits millions of devices to be connected and communicate with each other. Beside ensuring reliable connectivity their security is also a great challenge. Abounding IoT devices have a minimum of storage and processing capacity and they usually need to be able to operate on limited power consumption. Security paths that depend maximum on encryption are not good for these resource constrained devices, because they are not suited for performing complicated encryption and decryption tasks quickly to be able to transmit data securely in real-time. This paper contains an overview of some of the cryptographic-based schemes related to communication and computational costs for resource constrained devices and considers some approaches towards the development of highly secure and lightweight security mechanisms for IoT devices.

scholarly journals Dumbo, Jumbo, and Delirium: Parallel Authenticated Encryption for the Lightweight Circus

2020 ◽  
pp. 5-30
Author(s):  
Tim Beyne ◽  
Yu Long Chen ◽  
Christoph Dobraunig ◽  
Bart Mennink
Keyword(s):  
The Internet ◽  
Authenticated Encryption ◽  
Small State ◽  
Resource Constrained ◽  
Direct Communication ◽  
Encryption Algorithms ◽  
High Level ◽  
State Size ◽  
Resource Constrained Devices ◽  
Constrained Devices

With the trend to connect more and more devices to the Internet, authenticated encryption has become a major backbone in securing the communication, not only between these devices and servers, but also the direct communication among these devices. Most authenticated encryption algorithms used in practice are developed to perform well on modern high-end devices, but are not necessarily suited for usage on resource-constrained devices. We present a lightweight authenticated encryption scheme, called Elephant. Elephant retains the advantages of GCM such as parallelism, but is tailored to the needs of resource-constrained devices. The two smallest instances of Elephant, Dumbo and Jumbo, are based on the 160-bit and 176-bit Spongent permutation, respectively, and are particularly suited for hardware; the largest instance of Elephant, Delirium, is based on 200-bit Keccak and is developed towards software use. All three instances are parallelizable, have a small state size while achieving a high level of security, and are constant time by design.

scholarly journals Secure Communications for Resource-Constrained IoT Devices

Sensors ◽  
2020 ◽  
Vol 20 (13) ◽  
pp. 3637
Author(s):  
Abd-Elhamid M. Taha ◽  
Abdulmonem M. Rashwan ◽  
Hossam S. Hassanein
Keyword(s):  
Internet Of Things ◽  
Secure Communication ◽  
The Internet ◽  
Secure Communications ◽  
Message Authentication ◽  
Authentication Codes ◽  
Resource Constrained ◽  
Iot Devices ◽  
The Internet Of Things ◽  
Constrained Devices

The importance of securing communications on the Internet of Things (IoT) cannot be overstated. This is especially the case in light of the increasing proliferation of IoT devices and instances, as well as the growing dependence on their usage. Meanwhile, there have recently been mounting concerns over a wide array of vulnerabilities in IoT communications. The objective of this work is to address constraints in IoT devices that are “resource-constrained”, which are devices that are limited in terms of computing, energy, communication, or range capabilities, whether in terms of nominal or temporal limitations. Specifically, we propose a framework for resource-aiding constrained devices to facilitate secure communication. Without loss of generalization, the framework’s viability is illustrated by focusing on a group of security functions that utilize message authentication codes, which is a strongly representative example of resource-intensive security functions. Aspects of the framework are further demonstrated in processing cores commonly used in commercial IoT devices.

scholarly journals Bridging the SNMP gap: Simple network monitoring the internet of things

2016 ◽  
Vol 29 (3) ◽  
pp. 475-487 ◽  
Author(s):  
Mihajlo Savic
Keyword(s):  
Internet Of Things ◽  
The Internet ◽  
Cloud Environments ◽  
Communication Needs ◽  
Memory Resources ◽  
The Internet Of Things ◽  
Simple Network ◽  
Resource Constrained Devices ◽  
Competing Technologies ◽  
Constrained Devices

Things that form Internet of Things can vary in every imaginable aspect. From simplest devices with barely any processing and memory resources, with communication handled by networking devices like switches and routers to powerful servers that provide needed back-end resources in cloud environments, all are needed for real world implementations of Internet of Things. Monitoring of the network and server parts of the infrastructure is a well known area with numerous approaches that enable efficient monitoring. Most prevalent technology used is SNMP that forms the part of the IP stack and is as such universally supported. On the other hand, ?things? domain is evolving very fast with a number of competing technologies used for communication and monitoring. When discussing small, constrained devices, the two most promising protocols are CoAP and MQTT. Combined, they cover wide area of communication needs for resource constrained devices, from simple messaging system to one that enables connecting to RESTful world. In this paper we present a possible solution to bridge the gap in monitoring by enabling SNMP access to monitoring data obtained from constrained devices that cannot feasibly support SNMP or are not intended to be used in such a manner.

scholarly journals PRISEC: Comparison of Symmetric Key Algorithms for IoT Devices

Sensors ◽  
2019 ◽  
Vol 19 (19) ◽  
pp. 4312 ◽  
Author(s):  
Daniel A. F. Saraiva ◽  
Valderi Reis Quietinho Leithardt ◽  
Diandre de Paula ◽  
André Sales Mendes ◽  
Gabriel Villarrubia González ◽  
...  
Keyword(s):  
Internet Of Things ◽  
Power Consumption ◽  
Advanced Encryption Standard ◽  
The Internet ◽  
Secure Communications ◽  
Resource Constrained ◽  
Symmetric Key ◽  
Iot Devices ◽  
Resource Constrained Devices ◽  
Constrained Devices

With the growing number of heterogeneous resource-constrained devices connected to the Internet, it becomes increasingly challenging to secure the privacy and protection of data. Strong but efficient cryptography solutions must be employed to deal with this problem, along with methods to standardize secure communications between these devices. The PRISEC module of the UbiPri middleware has this goal. In this work, we present the performance of the AES (Advanced Encryption Standard), RC6 (Rivest Cipher 6), Twofish, SPECK128, LEA, and ChaCha20-Poly1305 algorithms in Internet of Things (IoT) devices, measuring their execution times, throughput, and power consumption, with the main goal of determining which symmetric key ciphers are best to be applied in PRISEC. We verify that ChaCha20-Poly1305 is a very good option for resource constrained devices, along with the lightweight block ciphers SPECK128 and LEA.

Sign in / Sign up

Export Citation Format

Share Document