PUF Based Authentication Protocol for IoT

Key agreement between two constrained Internet of Things (IoT) devices that have not met each other is an essential feature to provide in order to establish trust among its users. Physical Unclonable Functions (PUFs) on a device represent a low cost primitive exploiting the unique random patterns in the device and have been already applied in a multitude of applications for secure key generation and key agreement in order to avoid an attacker to take over the identity of a tampered device, whose key material has been extracted. This paper shows that the key agreement scheme of a recently proposed PUF based protocol, presented by Chatterjee et al., for Internet of Things (IoT) is vulnerable for man-in-the-middle, impersonation, and replay attacks in the Yao–Dolev security model. We propose an alternative scheme, which is able to solve these issues and can provide in addition a more efficient key agreement and subsequently a communication phase between two IoT devices connected to the same authentication server. The scheme also offers identity based authentication and repudiation, when only using elliptic curve multiplications and additions, instead of the compute intensive pairing operations.

Download Full-text

Bringing Security to The Smallest Embedded Systems

10.34048/2017.1.f5 ◽

2017 ◽

Author(s):

JOSEPH YIU

Keyword(s):

Internet Of Things ◽

Embedded Systems ◽

Low Cost ◽

Security Requirements ◽

The Internet ◽

Security Measures ◽

Significant Challenge ◽

Iot Devices

The increasing need for security in microcontrollers Security has long been a significant challenge in microcontroller applications(MCUs). Traditionally, many microcontroller systems did not have strong security measures against remote attacks as most of them are not connected to the Internet, and many microcontrollers are deemed to be cheap and simple. With the growth of IoT (Internet of Things), security in low cost microcontrollers moved toward the spotlight and the security requirements of these IoT devices are now just as critical as high-end systems due to:

Download Full-text

A Tweakable Key Alternating Lightweight Cipher for Internet of Things

International Journal of Information Security and Privacy ◽

10.4018/ijisp.2020100107 ◽

2020 ◽

Vol 14 (4) ◽

pp. 113-133

Author(s):

Mary Shamala L. ◽

Zayaraz G. ◽

Vivekanandan K. ◽

Vijayalakshmi V.

Keyword(s):

Internet Of Things ◽

Low Cost ◽

Communication Protocols ◽

Global Network ◽

Limited Resources ◽

Lightweight Cryptography ◽

Cryptographic Algorithm ◽

Wide Range ◽

Iot Devices ◽

Lightweight Cipher

Internet of things (IoT) is a global network of uniquely addressable interconnected things, based on standard communication protocols. As the number of devices connected to the IoT escalates, they are becoming a likely target for hackers. Also, the limited resources of IoT devices makes the security on top of the actual functionality of the device. Therefore, the cryptographic algorithm for such devices has to be devised as small as possible. To tackle the resource constrained nature of IoT devices, this article presents a lightweight cryptography algorithm based on a single permutation and iterated Even-Mansour construction. The proposed algorithm is implemented in low cost microcontrollers, thus making it suitable for a wide range of IoT nodes.

Download Full-text

An authentication and key agreement mechanism for OPC Unified Architecture in industrial Internet of Things

International Journal of Distributed Sensor Networks ◽

10.1177/1550147718754793 ◽

2018 ◽

Vol 14 (1) ◽

pp. 155014771875479 ◽

Cited By ~ 2

Author(s):

Min Wei ◽

Shuaidong Zhang ◽

Ping Wang ◽

Keecheon Kim

Keyword(s):

Internet Of Things ◽

System Integration ◽

Key Agreement ◽

Security Model ◽

Industrial Internet Of Things ◽

Authentication And Key Agreement ◽

Industrial Internet ◽

Integration Problem ◽

Test Verification ◽

Secure Channel

As an industrial communication data interaction specification, OPC Unified Architecture effectively solves the industrial Internet of Things system integration problem. This article designs an authentication and key agreement scheme based on implicit certificate using the security model provided by OPC Unified Architecture. It establishes the secure channel and provides a guarantee for secure session for the OPC Unified Architecture server and client. Then, the test verification platform is implemented to verify the feasibility of the scheme. The result shows that the mechanism is feasible, and the system security and availability are effectively improved.

Download Full-text

AIoT with PUF: A Concrete Security

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.f4520.059720 ◽

2020 ◽

Vol 9 (7) ◽

pp. 476-481

Keyword(s):

Artificial Intelligence ◽

Internet Of Things ◽

Machine Intelligence ◽

Customer Relationships ◽

Physical Unclonable Functions ◽

Security Problem ◽

Fast Solution ◽

Iot Devices ◽

Efficiency And Productivity ◽

Exchange Data

Artificial Intelligence in contrast to Natural Intelligence also known as Machine Intelligence is intelligence revealed by machine. It is the science and engineering of making machines intelligent. Therefore, it is a technique that makes a machine work like humans. The IOT Internet of Things is a network of internet-connected objects which can connect and exchange data. The combination of AI and IoT called AIoT is the combination of Artificial Intelligence and Internet of Things to achieve more efficient IoT operations. When Artificial Intelligence is added to IoT it means that the devices can analyze data and make decisions and act accordingly without the intervention of humans. The combination of AI and IOT has several advantages like saving money, building deeper customer relationships, increased operational efficiency and productivity and enhanced security and safety. This research paper focuses on what is AIoT, its applications and challenges and further, it also focuses on AIoT security concern and how can we solve the security problem with the use of PUF which is hardware security which is a simple and fast solution for security purpose. PUF is also more compatible with AIoT gadgets. Attacks on IoT devices are on the upsurge. Physical Unclonable functions (PUFs) are recognized as a robust and mild-weight way for AIoT

Download Full-text

Physical Unclonable Functions in the Internet of Things: State of the Art and Open Challenges

Sensors ◽

10.3390/s19143208 ◽

2019 ◽

Vol 19 (14) ◽

pp. 3208 ◽

Cited By ~ 15

Author(s):

Armin Babaei ◽

Gregor Schiele

Keyword(s):

Internet Of Things ◽

State Of The Art ◽

The Internet ◽

Physical Unclonable Functions ◽

Iot Devices ◽

Computational Resources ◽

The Internet Of Things

Attacks on Internet of Things (IoT) devices are on the rise. Physical Unclonable Functions (PUFs) are proposed as a robust and lightweight solution to secure IoT devices. The main advantage of a PUF compared to the current classical cryptographic solutions is its compatibility with IoT devices with limited computational resources. In this paper, we investigate the maturity of this technology and the challenges toward PUF utilization in IoT that still need to be addressed.

Download Full-text

An Investigation for Cellular Automata-Based Lightweight Data Security Model Towards Possible Uses in Fog Networks

Examining the Impact of Deep Learning and IoT on Multi-Industry Applications - Advances in Web Technologies and Engineering ◽

10.4018/978-1-7998-7511-6.ch012 ◽

2021 ◽

pp. 209-226

Author(s):

Arnab Mitra ◽

Sayantan Saha

Keyword(s):

Internet Of Things ◽

Cellular Automata ◽

Data Security ◽

Low Cost ◽

Security And Privacy ◽

Security Model ◽

Physical Implementation ◽

Security Models ◽

Industry Applications ◽

Computing Capacity

A lightweight data security model is of much importance in view of security and privacy of data in several networks (e.g., fog networks) where available computing units at edge nodes are often constrained with low computing capacity and limited storage/availability of energy. To facilitate lightweight data security at such constrained scenarios, cellular automata (CA)-based lightweight data security model is presented in this chapter to enable low-cost physical implementation. For this reason, a detailed investigation is presented in this chapter to explore the potential capabilities of CA-based scheme towards the design of lightweight data security model. Further, a comparison among several existing lightweight data security models ensure the effectiveness for proposed CA-based lightweight data security model. Thus, application suitability in view of fog networks is explored for the proposed CA-based model which has further potential for easy training of a reservoir of computers towards uses in IoT (internet of things)-based multiple industry applications.

Download Full-text

Survey of Localization for Internet of Things Nodes: Approaches, Challenges and Open Issues

Future Internet ◽

10.3390/fi13080210 ◽

2021 ◽

Vol 13 (8) ◽

pp. 210 ◽

Cited By ~ 2

Author(s):

Sheetal Ghorpade ◽

Marco Zennaro ◽

Bharat Chaudhari

Keyword(s):

Internet Of Things ◽

Performance Metrics ◽

Smart Cities ◽

Low Cost ◽

Real Life ◽

High Energy ◽

Mobile Nodes ◽

Node Localization ◽

Iot Devices ◽

Device Free

With exponential growth in the deployment of Internet of Things (IoT) devices, many new innovative and real-life applications are being developed. IoT supports such applications with the help of resource-constrained fixed as well as mobile nodes. These nodes can be placed in anything from vehicles to the human body to smart homes to smart factories. Mobility of the nodes enhances the network coverage and connectivity. One of the crucial requirements in IoT systems is the accurate and fast localization of its nodes with high energy efficiency and low cost. The localization process has several challenges. These challenges keep changing depending on the location and movement of nodes such as outdoor, indoor, with or without obstacles and so on. The performance of localization techniques greatly depends on the scenarios and conditions from which the nodes are traversing. Precise localization of nodes is very much required in many unique applications. Although several localization techniques and algorithms are available, there are still many challenges for the precise and efficient localization of the nodes. This paper classifies and discusses various state-of-the-art techniques proposed for IoT node localization in detail. It includes the different approaches such as centralized, distributed, iterative, ranged based, range free, device-based, device-free and their subtypes. Furthermore, the different performance metrics that can be used for localization, comparison of the different techniques, some prominent applications in smart cities and future directions are also covered.

Download Full-text

Advanced Security Model for Internet of Things Environment

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.f8815.038620 ◽

2020 ◽

Vol 8 (6) ◽

pp. 3387-3392

Keyword(s):

Internet Of Things ◽

User Experience ◽

Security Level ◽

Security Model ◽

Accurate Data ◽

Operational Costs ◽

Internet Of Things Environment ◽

Iot Devices ◽

Almost All ◽

Security Checks

IoT has become one of the most prominent used industry which is been intensively used in various applications across the globe. This usage has also made it more vulnerable to numerous attacks from within and outside the industry. Though this remains as one of the most predominant challenges in almost all of the industries, most of the organizations fail to allocate security budgets in order to secure their sub-networks from being misused and attacked. One of the most important aspects of this drawback is the unawareness of various upcoming IoT devices and infrastructures that are not technically sound enough to handle and meet the challenges caused by the various attacking methods. Implementation of highly secure IoT based infrastructure could basically produce various other benefits that include obtaining greater revenues from new inculcated methods and models while minimizing the operational costs by making use of the various optimized processes. This, in turn, leads to various meaningful and accurate data with a better knowledge of user experience. In order to develop such an IoT infrastructure, all the organizations have to mandatory build built-in security checks in each and every level of the applications being used by them. The paper presents a new design model that is used for securing all the devices from various malicious attacks. The paper also compares the newly designed model with the existing model and has proved the betterment of the security level that is been achieved.

Download Full-text

An Efficient Three-Way Authentication Factor and Mutual Key Agreement Protocol Using Identity Authentication Server in Internet of Things

Journal of Computational and Theoretical Nanoscience ◽

10.1166/jctn.2018.7653 ◽

2018 ◽

Vol 15 (11) ◽

pp. 3509-3515

Author(s):

N Malarvizhi ◽

R. H Aswathy

Keyword(s):

Internet Of Things ◽

Key Agreement ◽

Identity Authentication ◽

Key Agreement Protocol ◽

Authentication Server

Download Full-text

Towards a Secure and Scalable IoT Infrastructure: A Pilot Deployment for a Smart Water Monitoring System

Technologies ◽

10.3390/technologies8040050 ◽

2020 ◽

Vol 8 (4) ◽

pp. 50

Author(s):

Anthony Overmars ◽

Sitalakshmi Venkatraman

Keyword(s):

Monitoring System ◽

Low Cost ◽

Water Monitoring ◽

Security And Privacy ◽

Security Model ◽

Smart Environment ◽

Iot Security ◽

Security Controls ◽

Smart Water ◽

Iot Devices

Recent growth in the Internet of Things (IoT) looks promising for realizing a smart environment of the future. However, concerns about the security of IoT devices are escalating as they are inherently constrained by limited resources, heterogeneity, and lack of standard security controls or protocols. Due to their inability to support state-of-the-art secure network protocols and defense mechanisms, standard security solutions are unsuitable for dynamic IoT environments that require large and smart IoT infrastructure deployments. At present, the IoT based smart environment deployments predominantly use cloud-centric approaches to enable continuous and on-demand data exchange that leads to further security and privacy risks. While standard security protocols, such as Virtual Private Networks (VPNs), have been explored for certain IoT environments recently, the implementation models reported have several variations and are not practically scalable for any dynamically scalable IoT deployment. This paper addresses current drawbacks in providing the required flexibility, interoperability, scalability, and low-cost practical viability of a secure IoT infrastructure. We propose an adaptive end-to-end security model that supports the defense requirements for a scalable IoT infrastructure. With low-cost embedded controllers, such as the Raspberry Pi, allowing for the convergence of more sophisticated networking protocols to be embedded at the IoT monitoring interface, we propose a scalable IoT security model integrating both the IoT devices and the controller as one embedded device. Our approach is unique, with a focus on the integration of a security protocol at the embedded interface. In addition, we demonstrate a prototype implementation of our IoT security model for a smart water monitoring system. We believe that our modest first step would instill future research interests in this direction.

Download Full-text