Hardware Primitives-Based Security Protocols for the Internet of Things

2019 ◽  
pp. 117-141 ◽  
Author(s):  
Muhammad Naveed Aman ◽  
Kee Chaing Chua ◽  
Biplab Sikdar
Keyword(s):  
Low Cost ◽  
Security Analysis ◽  
Security Protocols ◽  
Hardware Security ◽  
Side Channel ◽  
Data Provenance ◽  
Side Channel Attacks ◽  
Sensitive Data ◽  
Physically Unclonable Functions ◽  
Iot Devices

IoT is the enabling technology for a variety of new exciting services in a wide range of application areas including environmental monitoring, healthcare systems, energy management, transportation, and home and commercial automation. However, the low-cost and straightforward nature of IoT devices producing vast amounts of sensitive data raises many security concerns. Among the cyber threats, hardware-level threats are especially crucial for IoT systems. In particular, IoT devices are not physically protected and can easily be captured by an adversary to launch physical and side-channel attacks. This chapter introduces security protocols for IoT devices based on hardware security primitives called physically unclonable functions (PUFs). The protocols are discussed for the following major security principles: authentication and confidentiality, data provenance, and anonymity. The security analysis shows that security protocols based on hardware security primitives are not only secure against network-level threats but are also resilient against physical and side-channel attacks.

scholarly journals A Lightweight Authentication Method in Perception Layer of IoT Through Digital Watermarking

2019 ◽  
Vol 8 (3) ◽  
pp. 2937-2942
Keyword(s):  
Internet Of Things ◽  
Temporal Dynamics ◽  
Low Cost ◽  
Security Analysis ◽  
Living Environment ◽  
Security And Privacy ◽  
Sensitive Data ◽  
Privacy And Security ◽  
Iot Devices ◽  
Lightweight Authentication

Introduction of IoT (Internet of Things) has enjoyed vigorous support from governments and research institutions around the world, and remarkable achievements have been obtained till date. IoT systems collect the voluminous amount of data in real time from hospitals, battlefield and daily living environment which is related to privacy and security of people. So, securing collected sensitive data is one of the major challenges in the development of IoT systems. Authenticating the source of collected data is utmost important because the adversary may act as a source which may lead to a breach in security and privacy of people using the IoT network. IoT devices are resource scarce so lightweight methods for network security and privacy need to develop to achieve future development goals. In this paper, a novel lightweight node to node authentication scheme based on watermark is proposed to solve the contradiction between the security and restricted resources of perception layer. To improve the security, Proposed scheme usage node identity and the number of neighbours as input to generate the watermark and use the watermark to calculate the embedding positions which makes node authentication based on temporal dynamics of sensing network. The generated watermark is embedded in fixed size message digest generated using the variable message as input into a low-cost one-way hashing algorithm LOCHA. The embedded bits of watermark extracted at the receiving node and matched to check the authenticity of the sender node. The security analysis and simulations of the proposed scheme show that it can be a good candidate to ensure the authentication of the resource constraint devices which are integral part of Internet of Things at low cost

scholarly journals Enhancing Security on IoT Devices via Machine Learning on Conditional Power Dissipation

Electronics ◽  
2020 ◽  
Vol 9 (11) ◽  
pp. 1799
Author(s):  
Dimitrios Myridakis ◽  
Stefanos Papafotikas ◽  
Konstantinos Kalovrektis ◽  
Athanasios Kakarountas
Keyword(s):  
Machine Learning ◽  
Power Dissipation ◽  
Low Cost ◽  
Rapid Development ◽  
Abnormal Behavior ◽  
Smart Devices ◽  
Side Channel ◽  
Sensitive Data ◽  
Wide Range ◽  
Iot Devices

The rapid development of connected devices and the sensitive data, which they produce, is a major challenge for manufacturers seeking to fully protect their devices from attack. Consumers expect their IoT devices and data to be adequately protected against a wide range of vulnerabilities and exploits. Successful attacks target IoT devices, cause security problems, and pose new challenges. Successful attacks from botnets residing on mastered IoT devices increase significantly in number and the severity of the damage they cause is similar to that of a war. The characteristics of attacks vary widely from attack to attack and from time to time. The warnings about the severity of the attacks indicate that there is a need for solutions to address the attacks from birth. In addition, there is a need to quarantine infected IoT devices, preventing the spread of the virus and thus the formation of the botnet. This work introduces the exploitation of side-channel attack techniques to protect the low-cost smart devices intuitively, and integrates a machine learning-based algorithm for Intrusion Detection, exploiting current supply characteristic dissipation. The results of this work showed successful detection of abnormal behavior of smart IoT devices.

scholarly journals Variety of Scalable Shuffling Countermeasures against Side Channel Attacks

2016 ◽  
Author(s):  
Nikita Veshchikov ◽  
Stephane Fernandes Medeiros ◽  
Liran Lerman
Keyword(s):  
Block Cipher ◽  
Fixed Number ◽  
Side Channel ◽  
Small Data ◽  
Side Channel Attacks ◽  
Side Channel Analysis ◽  
Cryptographic System ◽  
Channel Analysis ◽  
Iot Devices ◽  
Time Overhead

IoT devices have very strong requirements on all the resources such as memory, randomness, energy and execution time. This paper proposes a number of scalable shuffling techniques as countermeasures against side channel analysis. Some extensions of an existing technique called Random Start Index (RSI) are suggested in this paper. Moreover, two new shuffling techniques Reverse Shuffle (RS) and Sweep Swap Shuffle (SSS) are described within their possible extensions. Extensions of RSI, RS and SSS might be implemented in a constrained environment with a small data and time overhead. Each of them might be implemented using different amount of randomness and thus, might be fine-tuned according to requirements and constraints of a cryptographic system such as time, memory, available number of random bits, etc. RSI, RS, SSS and their extensions are described using SubBytes operation of AES-128 block cipher as an example, but they might be used with different operations of AES as well as with other algorithms. This paper also analyses RSI, RS and SSS by comparing their properties such as number of total permutations that might be generated using a fixed number of random bits, data complexity, time overhead and evaluates their resistance against some known side-channel attacks such as correlation power analysis and template attack. Several of proposed shuffling schemes are implemented on a 8-bit microcontroller that uses them to shuffle the first and the last rounds of AES-128.  

Addressing Security Issues of the Internet of Things Using Physically Unclonable Functions

2021 ◽  
pp. 333-350
Author(s):  
Ishfaq Sultan ◽  
Mohammad Tariq Banday
Keyword(s):  
Internet Of Things ◽  
Hardware Implementation ◽  
Hardware Security ◽  
The Internet ◽  
Huge Number ◽  
Security Issues ◽  
Physically Unclonable Functions ◽  
Iot Devices ◽  
The Internet Of Things

The spatial ubiquity and the huge number of employed nodes monitoring the surroundings, individuals, and devices makes security a key challenge in IoT. Serious security apprehensions are evolving in terms of data authenticity, integrity, and confidentiality. Consequently, IoT requires security to be assured down to the hardware level, as the authenticity and the integrity need to be guaranteed in terms of the hardware implementation of each IoT node. Physically unclonable functions recreate the keys only while the chip is being powered on, replacing the conventional key storage which requires storing information. Compared to extrinsic key storage, they are able to generate intrinsic keys and are far less susceptible against physical attacks. Physically unclonable functions have drawn considerable attention due to their ability to economically introduce hardware-level security into individual silicon dice. This chapter introduces the notion of physically unclonable functions, their scenarios for hardware security in IoT devices, and their interaction with traditional cryptography.

A Power Analysis System for Cryptographic Devices

2013 ◽  
Vol 718-720 ◽  
pp. 2376-2382
Author(s):  
Yan Ting Ren ◽  
Li Ji Wu
Keyword(s):  
Normal Mode ◽  
Power Analysis ◽  
Security Analysis ◽  
General Purpose ◽  
Side Channel ◽  
Security Level ◽  
Side Channel Attacks ◽  
Working Models ◽  
Correlation Power Analysis ◽  
Analysis System

In order to test the security of cryptographic devices against Side Channel Attacks (SCA), an automatic general-purpose power analysis system (TH-PAS-01) is designed and implemented. TH-PAS-01 is scalable and can be applied to many cryptographic devices when specific modules are installed. Using the system TH-PAS-01, correlation power analysis (CPA) are carried out on an AES chip under two working models: normal and shuffling mode. The security level of the countermeasure provided by the target chip is verified by TH-PAS-01. The experimental results show that the correct key of the AES chip is obtained with around 50,000 power traces when the chip was working under normal mode, while the whole key bits are not obtained with 960,000 power traces when the chip works under shuffling mode. The automatic general-purpose system TH-PAS-01 is feasible for security analysis on power analysis for cryptographic devices.

scholarly journals Formal security analysis of lightweight authenticated key agreement protocol for IoT in cloud computing

2021 ◽  
Vol 24 (1) ◽  
pp. 621
Author(s):  
Ahmed H. Aly ◽  
Atef Ghalwash ◽  
Mona M. Nasr ◽  
Ahmed A. Abd-El Hafez
Keyword(s):  
Cloud Computing ◽  
Key Agreement ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Internet Security ◽  
Cyber Attacks ◽  
Session Key ◽  
Sensitive Data ◽  
Processing Power ◽  
Iot Devices

The internet of things (IoT) and cloud computing are evolving technologies in the information technology field. Merging the pervasive IoT technology with cloud computing is an innovative solution for better analytics and decision-making. Deployed IoT devices offload different types of data to the cloud, while cloud computing converges the infrastructure, links up the servers, analyzes information obtained from the IoT devices, reinforces processing power, and offers huge storage capacity. However, this merging is prone to various cyber threats that affect the IoT-Cloud environment. Mutual authentication is considered as the forefront mechanism for cyber-attacks as the IoT-Cloud participants have to ensure the authenticity of each other and generate a session key for securing the exchanged traffic. While designing these mechanisms, the constrained nature of the IoT devices must be taken into consideration. We proposed a novel lightweight protocol (Light-AHAKA) for authenticating IoT-Cloud elements and establishing a key agreement for encrypting the exchanged sensitive data was proposed. In this paper, the formal verification of (Light-AHAKA) was presented to prove and verify the correctness of our proposed protocol to ensure that the protocol is free from design flaws before the deployment phase. The verification is performed based on two different approaches, the strand space model and the automated validation of internet security protocols and applications (AVISPA) tool.

Sign in / Sign up

Export Citation Format

Share Document