A Lightweight and Provable Secured Certificateless Signcryption Approach for Crowdsourced IIoT Applications

Industrial Internet of Things (IIoT) is a new type of Internet of Things (IoT), which enables sensors to merge with several smart devices to monitor machine status, environment, and collect data from industrial devices. On the other hand, cloud computing provides a good platform for storing crowdsourced data of IIoT. Due to the semi-trusted nature of cloud computing and communication through open channels, the IIoT environment needs security services such as confidentiality and authenticity. One such solution is provided by the identity-based signcryption. Unfortunately, the identity-based signcryption approach suffers from the key escrow problem. Certificateless signcryption is the alternative of identity-based signcryption that can resolve the key escrow problem. Here, we propose a lightweight certificateless signcryption approach for crowdsourced IIoT applications with the intention of enhancing security and decreasing the computational cost and communication overhead. The security and efficiency of the proposed approach are based on the hyper elliptic curve cryptosystem. The hyper elliptic curve is the advance version of the elliptic curve having small parameters and key size of 80 bits as compared to the elliptic curve which has 160-bits key size. Further, we validate the security requirements of our approach through automated validation of Internet security protocols and applications (AVISPA) tool with the help of high level protocol specification language (HLPSL). Moreover, our lightweight and secured scheme will attract low resource devices and will become a perk in the environment of IIoT.

Download Full-text

An hyper elliptic curve based efficient signcryption scheme for user authentication

Journal of Intelligent & Fuzzy Systems ◽

10.3233/jifs-189166 ◽

2020 ◽

Vol 39 (6) ◽

pp. 8487-8498

Author(s):

Malathi Devarajan ◽

N. Sasikaladevi

Keyword(s):

Elliptic Curve ◽

User Authentication ◽

Computational Cost ◽

Bilinear Pairing ◽

Resource Constraint ◽

Communication Overhead ◽

Public Verifiability ◽

High Level ◽

Hyper Elliptic Curve ◽

Signcryption Scheme

With ever growing popularity, wireless communication system also vulnerable to various security attacks. To provide high level security, many cryptographic solutions have been proposed. One such solution is signcryption, where authenticity and confidentiality provided by single logical step. Therefore, signcryption scheme helps to reduce computational cost, but it is not feasible for resource constraint environments. Because, most of the existing approaches were based on El-Gamal, bilinear pairing, Rivest-Shamir-Adleman (RSA), and Elliptic curve Cryptography (ECC). They consume more energy due to their increased key size. Hence, the new signcryption approach is proposed based on Hyper Elliptic Curve Cryptosystem (HECC) whose key size is much lesser than ECC. It significantly reduces the cost of computation and communication overhead by half the amount of ECC which suits well for resource constraint environments. Further, the proposed scheme attains necessary security features along with forward secrecy and public verifiability. On the other hand, the security of the approach is validated through an automated protocol validation tool – AVISPA.

Download Full-text

A Lightweight Nature Heterogeneous Generalized Signcryption (HGSC) Scheme for Named Data Networking-Enabled Internet of Things

Wireless Communications and Mobile Computing ◽

10.1155/2020/8857272 ◽

2020 ◽

Vol 2020 ◽

pp. 1-20

Author(s):

Manazara Rehman ◽

Hizbullah Khattak ◽

Ahmed Saeed Alzahrani ◽

Insaf Ullah ◽

Muhammad Adnan ◽

...

Keyword(s):

Internet Of Things ◽

Elliptic Curve ◽

Smart Cities ◽

Internet Security ◽

Security Requirements ◽

Named Data Networking ◽

Smart Objects ◽

Quality Life ◽

Identity Based ◽

Data Networking

Internet of Things (IoT) is the collection of different types of smart objects like mobile phones, sensors, cars, smart cities, smart buildings, and healthcare, which can provide a quality life to humans around the globe. These smart objects sense and produce a huge amount of data for distribution. The current hostcentric networking paradigm is not that scalable to provide a suitable solution to the idea of IoT. For scalable connectivity and efficient distribution, Named Data Networking (NDN) has been envisioned as a promising solution for future internet architecture. On the other hand, the significant issues regarding the adaptation of NDN with IoT possess security concerns such as authentication, confidentiality, integrity, and forward secrecy. As IoT is a heterogeneous environment, it demands a different type of security, according to the environmental situation such as public key infrastructure (PKI), identity-based cryptosystem (IBC), and certificateless cryptosystem (CLC). This paper presents a new concept of CLC to IBC heterogeneous generalized signcryption for the first time to fulfil the prime security requirements of NDN-based IoT. The proposed scheme provides the security properties according to situational needs without disturbing the structural policy of NDN. Considering the resource-constrained nature of IoT, we used a lightweight type of elliptic curve called the hyperelliptic curve cryptosystem which offers the same level of security as that of bilinear pairing and an elliptic curve cryptosystem using a minimum key size. Further, we compare the proposed scheme with recently proposed identity-based as well as certificateless generalized signcryption schemes, and the results give satisfactory outputs in terms of computational and communication resources. Furthermore, we simulate the proposed scheme with Automated Validation of Internet Security Protocols and Applications (AVISPA), and the results show that our scheme is valid and safe. Additionally, we provide a practical scenario of the proposed on NDN with an IoT-based smart city.

Download Full-text

IoT-Fog A Communication Framework using Blockchain in the Internet of Things

10.36227/techrxiv.12657200.v1 ◽

2020 ◽

Author(s):

Tanweer Alam

Keyword(s):

Cloud Computing ◽

Internet Of Things ◽

Fog Computing ◽

Emerging Technology ◽

Smart Devices ◽

The Internet ◽

Next Generation ◽

Communication Framework ◽

Generation Computing ◽

The Internet Of Things

<p>The fog computing is the emerging technology to compute, store, control and connecting smart devices with each other using cloud computing. The Internet of Things (IoT) is an architecture of uniquely identified interrelated physical things, these physical things are able to communicate with each other and can transmit and receive information. <a>This research presents a framework of the combination of the Internet of Things (IoT) and Fog computing. The blockchain is also the emerging technology that provides a hyper, distributed, public, authentic ledger to record the transactions. Blockchains technology is a secured technology that can be a boon for the next generation computing. The combination of fog, blockchains, and IoT creates a new opportunity in this area. In this research, the author presents a middleware framework based on the blockchain, fog, and IoT. The framework is implemented and tested. The results are found positive. </a></p>

Download Full-text

Elliptic Curve Signcryption-Based Mutual Authentication Protocol for Smart Cards

Applied Sciences ◽

10.3390/app10228291 ◽

2020 ◽

Vol 10 (22) ◽

pp. 8291

Author(s):

Anuj Kumar Singh ◽

Arun Solanki ◽

Anand Nayyar ◽

Basit Qureshi

Keyword(s):

Elliptic Curve ◽

Smart Card ◽

Mutual Authentication ◽

Computational Cost ◽

Authentication Protocol ◽

Security Protocol ◽

Smart Cards ◽

Communication Overhead ◽

Authentication Mechanism ◽

Computational Overhead

In the modern computing environment, smart cards are being used extensively, which are intended to authenticate a user with the system or server. Owing to the constrictions of computational resources, smart card-based systems require an effective design and efficient security scheme. In this paper, a smart card authentication protocol based on the concept of elliptic curve signcryption has been proposed and developed, which provides security attributes, including confidentiality of messages, non-repudiation, the integrity of messages, mutual authentication, anonymity, availability, and forward security. Moreover, the analysis of security functionalities shows that the protocol developed and explained in this paper is secure from password guessing attacks, user and server impersonation, replay attacks, de-synchronization attacks, insider attacks, known key attacks, and man-in-the-middle attacks. The results have demonstrated that the proposed smart card security protocol reduces the computational overhead on a smart card by 33.3% and the communication cost of a smart card by 34.5%, in comparison to the existing efficient protocols. It can, thus, be inferred from the results that using elliptic curve signcryption in the authentication mechanism reduces the computational cost and communication overhead by a significant amount.

Download Full-text

Efficient Hierarchical Identity-Based Encryption for Mobile Ad Hoc Networks

Mobile Information Systems ◽

10.1155/2014/710362 ◽

2014 ◽

Vol 10 (4) ◽

pp. 407-425 ◽

Cited By ~ 1

Author(s):

Kai He ◽

Min-Rong Chen ◽

Yijun Mao ◽

Xi Zhang ◽

Yiju Zhan

Keyword(s):

Ad Hoc ◽

Mobile Ad Hoc Network ◽

Computational Cost ◽

Communication Overhead ◽

Wired Networks ◽

Identity Based Encryption ◽

Key Encapsulation Mechanism ◽

Identity Based ◽

Mobile Ad Hoc ◽

Hoc Networks

A Mobile Ad-hoc Network (MANET) is a collection of wireless nodes that can dynamically form a network to exchange information without using any pre-existing fixed network infrastructure. Such networks are more vulnerable to security attacks than conventional wired networks, and hence cryptographic schemes are usually used to ensure security for them. It is worth noting that the nodes in MANETs are with low computational power and communicate over relatively bandwidth constrained wireless links, and thus the deployed cryptographic schemes should usually be highly efficient in term of both computational cost and communication overhead. To ensure the data confidentiality for MANETs, in this paper, we present a new hierarchical identity-based encryption (HIBE) scheme, which enjoys the advantages of low computational cost and light communication overhead. We further propose a new hierarchical identity-based key encapsulation mechanism (HIBKEM) based on our HIBE scheme. The proposed HIBKEM scheme is fully secure against adaptive chosen-ciphertext attack, and has a tight security reduction in the standard model.

Download Full-text

CICS Cloud–Internet Communication Security Framework for the Internet of Smart Devices

10.36227/techrxiv.12657167 ◽

2020 ◽

Author(s):

Tanweer Alam ◽

Mohamed Benaida

Keyword(s):

Cloud Computing ◽

Internet Of Things ◽

Smart Devices ◽

Communication Security ◽

The Internet ◽

Internet Communication ◽

Process Data ◽

Security Problem ◽

Critical Issues ◽

The Internet Of Things

The internet of smart devices is a network of intelligent gadgets with sensors, programs, Wi-Fi and communication network connections. These devices store the data in cloud and process data outside the device using the proposed Cloud-Internet communication framework. These devices can communicate with other devices using the proposed framework. However, there are many challenges for communication security among the internet of smart devices. The Cloud can store the device data with security, reliability, privacy and service availability. The communication Security has been raised as one of the most critical issues of cloud computing where resolving such an issue would result in a constant growth in the use and popularity of cloud computing. Our purpose of this study is to create a framework for providing the communication security among smart devices network for the internet of things using cloud computing. Our main contribution links a new study for providing communication security for the internet of smart devices using the cloud-Internet framework. This study can be helpful for communication security problem in the framework of the Internet of Things. The proposed study generates a new framework for solving the issue of communication security among internet of smart devices.

Download Full-text

A Secure and Efficient ECC-Based Scheme for Edge Computing and Internet of Things

Sensors ◽

10.3390/s20216158 ◽

2020 ◽

Vol 20 (21) ◽

pp. 6158 ◽

Cited By ~ 1

Author(s):

Hisham AlMajed ◽

Ahmad AlMogren

Keyword(s):

Internet Of Things ◽

Elliptic Curve ◽

Security Requirements ◽

Performance Measurements ◽

Plain Text ◽

Asymmetric Cryptography ◽

Industrial Iot ◽

Constrained Environments ◽

Special Area ◽

And Performance

Recent growth in the Internet of Things (IoT) has raised security concerns over the confidentiality of data exchanged between IoT devices and the edge. Many IoT systems adopt asymmetric cryptography to secure their data and communications. A drawback of asymmetric cryptography is the sizeable computation and space requirements. However, elliptic curve cryptography (ECC) is widely used in constrained environments for asymmetric cryptography due its superiority in generating a powerful encryption mechanism with small key sizes. ECC increases device performance and lowers power consumption, meaning it is suitable for diverse applications ranging from the IoT to wireless sensor network (WSN) devices. To ensure the confidentiality and security of data and communications, it is necessary to implement ECC robustly. A special area of focus in this regard is the mapping phase. This study’s objective was to propose a tested and trusted scheme that offers authenticated encryption (AE) via enhancing the mapping phase of a plain text to an elliptic curve to resist several encryption attacks such as Chosen Plaintext Attack (CPA) and Chosen Ciphertext Attack (CCA). The proposed scheme also undertakes evaluation and analysis related to security requirements for specific encryption attributes. Finally, results from a comparison of the proposed scheme and other schemes are presented, evaluating each one’s security characteristics and performance measurements. Our scheme is efficient in a way that makes so suitable to the IoT, and in particular to the Industrial IoT and the new Urbanization where the demands for services are huge.

Download Full-text

Security Requirements for the Internet of Things: A Systematic Approach

Sensors ◽

10.3390/s20205897 ◽

2020 ◽

Vol 20 (20) ◽

pp. 5897

Author(s):

Shantanu Pal ◽

Michael Hitchens ◽

Tahiry Rabehaja ◽

Subhas Mukhopadhyay

Keyword(s):

Internet Of Things ◽

Systematic Approach ◽

Security Requirements ◽

Security And Privacy ◽

Smart Devices ◽

The Internet ◽

Systematic Analysis ◽

Prime Concern ◽

Smart Cars ◽

The Internet Of Things

There has been a tremendous growth in the number of smart devices and their applications (e.g., smart sensors, wearable devices, smart phones, smart cars, etc.) in use in our everyday lives. This is accompanied by a new form of interconnection between the physical and digital worlds, commonly known as the Internet of Things (IoT). This is a paradigm shift, where anything and everything can be interconnected via a communication medium. In such systems, security is a prime concern and protecting the resources (e.g., applications and services) from unauthorized access needs appropriately designed security and privacy solutions. Building secure systems for the IoT can only be achieved through a thorough understanding of the particular needs of such systems. The state of the art is lacking a systematic analysis of the security requirements for the IoT. Motivated by this, in this paper, we present a systematic approach to understand the security requirements for the IoT, which will help designing secure IoT systems for the future. In developing these requirements, we provide different scenarios and outline potential threats and attacks within the IoT. Based on the characteristics of the IoT, we group the possible threats and attacks into five areas, namely communications, device/services, users, mobility and integration of resources. We then examine the existing security requirements for IoT presented in the literature and detail our approach for security requirements for the IoT. We argue that by adhering to the proposed requirements, an IoT system can be designed securely by achieving much of the promised benefits of scalability, usability, connectivity, and flexibility in a practical and comprehensive manner.

Download Full-text

An Analysis of Integration of Internet of Things and Cloud Computing

Journal of Computational and Theoretical Nanoscience ◽

10.1166/jctn.2019.8523 ◽

2019 ◽

Vol 16 (10) ◽

pp. 4345-4349

Author(s):

Latika Kakkar ◽

Deepali Gupta ◽

Sapna Saxena ◽

Sarvesh Tanwar

Keyword(s):

Cloud Computing ◽

Internet Of Things ◽

Data Storage ◽

Secure Communication ◽

Traffic Monitoring ◽

Third Party ◽

Smart Devices ◽

The Internet ◽

Battery Life ◽

Smart Healthcare

The Internet of Things (IoT) comprises of various smart devices which are networked together to detect, accumulate, process, improve and interchange significant data over the Internet. IoT has improved our lifestyle by offering various applications such as intelligent home, smart healthcare, traffic monitoring and smart city devices. The IoT devices have restriction of power, battery life, memory and network constraints, so cloud can be used for accumulating and analyzing the IoT data. Due to the considerable increase in data transfer over Internet and other devices, the confidential information from the IoT sources required to be secure from any third party access. Cloud computing (CC) on the other side provides a protected, abrupt and advantageous data storage and computing services all over the internet. The integration of both these technologies can prove to be beneficial for each other. Therefore, we need an efficient and authentic method for secure communication in the IoT and cloud based big data environment. This paper provides a review of amalgamation of the IoT and cloud by featuring the implementation challenges and integration benefits.

Download Full-text

A secured signcryption scheme for e-payment system using hyper elliptic curve

Journal of Intelligent & Fuzzy Systems ◽

10.3233/jifs-189144 ◽

2020 ◽

Vol 39 (6) ◽

pp. 8237-8247

Author(s):

Malathi Devarajan ◽

N. Sasikaladevi

Keyword(s):

Elliptic Curve ◽

Computational Cost ◽

Smart Phone ◽

Payment System ◽

Internet Security ◽

Security Issue ◽

User Privacy ◽

Cryptographic Attacks ◽

Hyper Elliptic Curve ◽

Signcryption Scheme

With the growing trend of Communication Technologies (ICT), buying goods through online has been increased drastically. Besides, e-payment makes online purchase easier and made our daily life more convenient. However, there exists a user privacy and data security issue in conventional e-payment systems. Thus, a hyper elliptic curve based signcryption scheme is proposed to achieve reduced computational cost. Because, most of the payment is processed on resource constraint devices like smart phone, hence an energy efficient e-payment system is in requisite. In order to ensure user authenticity, an aadhaar number (unique identity) is used to generate signcryption key. The proposed signcryption scheme can be implemented in real-time applications like e-payment system to ensure confidentiality, privacy, authenticity and integrity. The security of the system is validated through a simulation tool – AVISPA (Automated Validation of Internet Security Protocols and Applications). Further, the resistivity against various cryptographic attacks was analyzed informally and also the computational cost is estimated and compared with other related schemes.

Download Full-text