Acquisition And Analysis of Cryptographic Keys In IoT Devices

2021 ◽  
Author(s):  
Anant Gangwar
Keyword(s):  
Cryptographic Keys ◽  
Iot Devices

scholarly journals Cryptographic Keys Generating and Renewing System for IoT Network Nodes—A Concept

Sensors ◽  
2020 ◽  
Vol 20 (17) ◽  
pp. 5012
Author(s):  
Janusz Furtak
Keyword(s):  
Data Exchange ◽  
Security And Privacy ◽  
Critical Element ◽  
Certification Authority ◽  
Trusted Platform Module ◽  
Network Nodes ◽  
Cryptographic Keys ◽  
Iot Devices ◽  
System Nodes ◽  
Trusted Platform

Designers and users of the Internet of Things (IoT) are devoting more and more attention to the issues of security and privacy as well as the integration of data coming from various areas. A critical element of cooperation is building mutual trust and secure data exchange. Because IoT devices usually have small memory resources, limited computing power, and limited energy resources, it is often impossible to effectively use a well-known solution based on the Certification Authority. This article describes the concept of the system for a cryptographic Key Generating and Renewing system (KGR). The concept of the solution is based on the use of the hardware Trusted Platform Module (TPM) v2.0 to support the procedures of creating trust structures, generating keys, protecting stored data, and securing data exchange between system nodes. The main tasks of the system are the secure distribution of a new symmetric key and renewal of an expired key for data exchange parties. The KGR system is especially designed for clusters of the IoT nodes but can also be used by other systems. A service based on the Message Queuing Telemetry Transport (MQTT) protocol will be used to exchange data between nodes of the KGR system.

scholarly journals New Method of Prime Factorisation-Based Attacks on RSA Authentication in IoT

Cryptography ◽  
2019 ◽  
Vol 3 (3) ◽  
pp. 20 ◽  
Author(s):  
Venkatraman ◽  
Overmars
Keyword(s):  
Smart Cities ◽  
Security Requirements ◽  
Resource Constrained ◽  
Euler’S Method ◽  
Binary Arithmetic ◽  
Cryptographic Keys ◽  
Authentication And Authorization ◽  
Potential Benefits ◽  
Iot Devices ◽  
And Performance

The potential benefits of the Internet of Things (IoT) are hampered by malicious interventions of attackers when the fundamental security requirements such as authentication and authorization are not sufficiently met and existing measures are unable to protect the IoT environment from data breaches. With the spectrum of IoT application domains increasing to include mobile health, smart homes and smart cities in everyday life, the consequences of an attack in the IoT network connecting billions of devices will become critical. Due to the challenges in applying existing cryptographic standards to resource constrained IoT devices, new security solutions being proposed come with a tradeoff between security and performance. While much research has focused on developing lightweight cryptographic solutions that predominantly adopt RSA (Rivest–Shamir–Adleman) authentication methods, there is a need to identify the limitations in the usage of such measures. This research paper discusses the importance of a better understanding of RSA-based lightweight cryptography and the associated vulnerabilities of the cryptographic keys that are generated using semi-primes. In this paper, we employ mathematical operations on the sum of four squares to obtain one of the prime factors of a semi-prime that could lead to the attack of the RSA keys. We consider the even sum of squares and show how a modified binary greatest common divisor (GCD) can be used to quickly recover one of the factors of a semi-prime. The method presented in this paper only uses binary arithmetic shifts that are more suitable for the resource-constrained IoT landscape. This is a further improvement on previous work based on Euler’s method which is demonstrated using an illustration that allows for the faster testing of multiple sums of squares solutions more quickly.

scholarly journals TEE-based protection of cryptographic keys on embedded IoT devices

2021 ◽  
Vol 53 ◽  
pp. 245-256
Author(s):  
Dorottya Papp ◽  
Máté Zombor ◽  
Levente Buttyán
Keyword(s):  
Cryptographic Keys ◽  
Iot Devices

scholarly journals ACCESS CONTROL METHODS FOR INTERNET OF MEDICAL THINGS NETWORKS BASEDON ATTRIBUTE MODELS

2020 ◽  
Vol 20 (4) ◽  
pp. 44-54
Author(s):  
K.Y. Ponomarev ◽  
◽  
A.A. Zaharov ◽  
Keyword(s):  
Load Testing ◽  
Open Communication ◽  
Computing Power ◽  
Cloud Systems ◽  
Internet Resources ◽  
Attribute Based Encryption ◽  
Battery Capacity ◽  
Cryptographic Keys ◽  
Internet Of Medical Things ◽  
Iot Devices

The term «Internet of Medical Things» (IoMT ) refers to a set of devices and technologies for remote monitoring of patients’ health using wearable devices. One primary problem with pa-tient’s data is ensuring privacy and resource intensive protection when it is transmitted over open communication channels and stored in cloud systems. However, when it comes to millions of IoT devices, technologies that have already become classic for Internet resources are not suit-able in many aspects at once: low computing power, out of memory, limited battery capacity and etc. The work considered Attribute-based encryption for ensuring security of personified data in IoMT networks. Also, the research studied the issues of patient’s data confidentiality in cloud systems, management of cryptographic keys and data sharing control. The algorithms for effective and secure solution were proposed. We have proposed a framework for processing patient data from portable diagnostic devices using ABE methods. The results of load testing of the prototype are presented too

scholarly journals Design of Resistor-Capacitor Physically Unclonable Function for Resource-Constrained IoT Devices

Sensors ◽  
2020 ◽  
Vol 20 (2) ◽  
pp. 404
Author(s):  
Sangjae Lee ◽  
Mi-Kyung Oh ◽  
Yousung Kang ◽  
Dooho Choi
Keyword(s):  
Small Difference ◽  
Low Cost ◽  
Resource Constrained ◽  
Active Components ◽  
Unique Identifier ◽  
Passive Components ◽  
The Past ◽  
Design Flexibility ◽  
Cryptographic Keys ◽  
Iot Devices

Keeping IoT devices secure has been a major challenge recently. One of the possible solutions to secure IoT devices is to use a physically unclonable function (PUF). A PUF is a security primitive that can generate device-specific cryptographic information by extracting the features of hardware uncertainty. Because PUF instances are very difficult to replicate even by the manufacturer, the generated bit sequence can be used as cryptographic keys or as a unique identifier for the device. Regarding the implementation of PUF, the majority of PUFs introduced over the past decade are in the form of active components and have been implemented as separate chips or embedded as a part of a chip, making it difficult to use them in low-cost IoT devices due to cost and design flexibility. One approach to easily adopt PUFs in resource-constrained IoT devices is to use passive components such as resistors and capacitors (RC) that can be configured at low cost. The main feature of this RC-based PUF is that it extracts the small difference caused by charging and discharging of RC circuits and uses it as a response. In this paper, we extend the previous research and show the possibility to secure IoT devices by using the RC-based PUF.

scholarly journals A Vendor-Neutral Unified Core for Cryptographic Operations in GF(p) and GF(2m) Based on Montgomery Arithmetic

2018 ◽  
Vol 2018 ◽  
pp. 1-18 ◽  
Author(s):  
Martin Schramm ◽  
Reiner Dojen ◽  
Michael Heigl
Keyword(s):  
Energy Efficiency ◽  
Performance Analysis ◽  
Integrated Circuits ◽  
Random Numbers ◽  
Embedded Devices ◽  
Cryptographic Algorithms ◽  
Cryptographic Keys ◽  
Iot Devices

In the emerging IoT ecosystem in which the internetworking will reach a totally new dimension the crucial role of efficient security solutions for embedded devices will be without controversy. Typically IoT-enabled devices are equipped with integrated circuits, such as ASICs or FPGAs to achieve highly specific tasks. Such devices must have cryptographic layers implemented and must be able to access cryptographic functions for encrypting/decrypting and signing/verifying data using various algorithms and generate true random numbers, random primes, and cryptographic keys. In the context of a limited amount of resources that typical IoT devices will exhibit, due to energy efficiency requirements, efficient hardware structures in terms of time, area, and power consumption must be deployed. In this paper, we describe a scalable word-based multivendor-capable cryptographic core, being able to perform arithmetic operations in prime and binary extension finite fields based on Montgomery Arithmetic. The functional range comprises the calculation of modular additions and subtractions, the determination of the Montgomery Parameters, and the execution of Montgomery Multiplications and Montgomery Exponentiations. A prototype implementation of the adaptable arithmetic core is detailed. Furthermore, the decomposition of cryptographic algorithms to be used together with the proposed core is stated and a performance analysis is given.

scholarly journals Retrofitting Leakage Resilient Authenticated Encryption to Microcontrollers

2020 ◽  
pp. 365-388
Author(s):  
Florian Unterstein ◽  
Marc Schink ◽  
Thomas Schamberger ◽  
Lars Tebelmann ◽  
Manuel Ilg ◽  
...  
Keyword(s):  
Side Channel ◽  
Authenticated Encryption ◽  
Side Channel Attacks ◽  
Non Invasive ◽  
Cryptographic Keys ◽  
Protection Mechanisms ◽  
Leakage Resilient ◽  
Commercial Off The Shelf ◽  
Iot Devices ◽  
Physical Access

The security of Internet of Things (IoT) devices relies on fundamental concepts such as cryptographically protected firmware updates. In this context attackers usually have physical access to a device and therefore side-channel attacks have to be considered. This makes the protection of required cryptographic keys and implementations challenging, especially for commercial off-the-shelf (COTS) microcontrollers that typically have no hardware countermeasures. In this work, we demonstrate how unprotected hardware AES engines of COTS microcontrollers can be efficiently protected against side-channel attacks by constructing a leakage resilient pseudo random function (LR-PRF). Using this side-channel protected building block, we implement a leakage resilient authenticated encryption with associated data (AEAD) scheme that enables secured firmware updates. We use concepts from leakage resilience to retrofit side-channel protection on unprotected hardware AES engines by means of software-only modifications. The LR-PRF construction leverages frequent key changes and low data complexity together with key dependent noise from parallel hardware to protect against side-channel attacks. Contrary to most other protection mechanisms such as time-based hiding, no additional true randomness is required. Our concept relies on parallel S-boxes in the AES hardware implementation, a feature that is fortunately present in many microcontrollers as a measure to increase performance. In a case study, we implement the protected AEAD scheme for two popular ARM Cortex-M microcontrollers with differing parallelism. We evaluate the protection capabilities in realistic IoT attack scenarios, where non-invasive EM probes or power consumption measurements are employed by the attacker. We show that the concept provides the side-channel hardening that is required for the long-term security of IoT devices.

Heuristic vs Metaheuristic Method: Improvement of Spoofed Fingerprint Identification in IoT Devices

2019 ◽  
Vol 12 (3) ◽  
pp. 168
Author(s):  
Guruh Fajar Shidik ◽  
Edi Jaya Kusuma ◽  
Safira Nuraisha ◽  
Pulung Nurtantio Andono
Keyword(s):  
Fingerprint Identification ◽  
Iot Devices ◽  
Method Improvement

Bringing Security to The Smallest Embedded Systems

2017 ◽  
Author(s):  
JOSEPH YIU
Keyword(s):  
Internet Of Things ◽  
Embedded Systems ◽  
Low Cost ◽  
Security Requirements ◽  
The Internet ◽  
Security Measures ◽  
Significant Challenge ◽  
Iot Devices

The increasing need for security in microcontrollers Security has long been a significant challenge in microcontroller applications(MCUs). Traditionally, many microcontroller systems did not have strong security measures against remote attacks as most of them are not connected to the Internet, and many microcontrollers are deemed to be cheap and simple. With the growth of IoT (Internet of Things), security in low cost microcontrollers moved toward the spotlight and the security requirements of these IoT devices are now just as critical as high-end systems due to:

The Development of Intelligence Walking Stick for Elderly Health Care using IoT

2020 ◽  
Vol 9 (5) ◽  
pp. 1334-1338
Keyword(s):  
Health Care ◽  
Daily Living ◽  
The Elderly ◽  
Mean Value ◽  
Real Time System ◽  
Pressure Oxygen ◽  
Elderly Health ◽  
The Mean ◽  
Iot Devices ◽  
Walking Stick

Nowadays, Thailand is stepping into an aging society. This research purposes developing the intelligence walking stick for the elderly in terms of the health care system by applied the IoT devices and biometric sensors in a real-time system. The heart rate, blood pressure, oxygen saturation, and temperature were measured at the finger of the elderly that holding the intelligence walking stick. All data can monitor and display on mobile devices. The intelligence walking stick system was evaluated by twenty users who are five experts and fifteen elderly in Ratchaburi province. As a result of the mean value at 4.88 and 4.85 by experts and elderly, respectively. It could be said that the development of intelligence walking stick by using IoT can help and improve the daily living of the elderly at the highest level.

Sign in / Sign up

Export Citation Format

Share Document