scholarly journals Privacy-Preserving Machine Authenticated Key Agreement for Internet of Things

2021 ◽  
Vol 13 (2) ◽  
pp. 99-120
Author(s):  
Beaton Kapito ◽  
Mwawi Nyirenda ◽  
Hyunsung Kim
Keyword(s):  
Internet Of Things ◽  
Key Agreement ◽  
Security Analysis ◽  
Physical World ◽  
Privacy Preserving ◽  
Security And Privacy ◽  
Research Gaps ◽  
Authenticated Key Agreement ◽  
Privacy And Security ◽  
Active Attacks

Internet of things (IoT) is the integration of computer-based systems and the physical world in which things interact with each other. Due to heterogeneity and resource-constrained feature of IoT devices, there are many privacy and security challenges resulting in many threat vulnerabilities in IoT environments. After reviewing and analyzing the recent IoT security, privacy, and authentication protocols, we will withdraw research gaps focused on the elimination of human factors in IoT authentication. In order to fill these research gaps, this paper proposes a privacy-preserving machine authenticated key agreement based on IoT, denoted as IoTMAKA. IoTMAKA uses dynamic identity and machine fingerprint to provide security and privacy. Security analysis shows that IoTMAKA provides anonymity and untraceability, provides freshness, and is secure against passive and active attacks. IoTMAKA reduces communication overheads by 20% and computational overheads by 25% on average as compared to the previous related works.

scholarly journals Security Analysis of a Lightweight Identity-Based Two-Party Authenticated Key Agreement Protocol for IIoT Environments

2021 ◽  
Vol 2021 ◽  
pp. 1-6
Author(s):  
Yuting Li ◽  
Qingfeng Cheng ◽  
Wenbo Shi
Keyword(s):  
Internet Of Things ◽  
Social Life ◽  
Key Agreement ◽  
Security Analysis ◽  
Impersonation Attack ◽  
Industrial Internet Of Things ◽  
Authenticated Key Agreement ◽  
Key Agreement Protocol ◽  
Industrial Internet ◽  
Identity Based

Internet of Things brings convenience to the social life, at the same time, putting forward higher requirements for the security of data transmission and storage. Security incidents based on industrial Internet of Things have occurred frequently recently, which should be given full consideration. The identity-based authenticated key agreement protocol can solve these security threats to a certain extent. Recently, a lightweight identity-based authenticated key agreement protocol for Industrial Internet of Things, called ID-2PAKA protocol, was claimed to achieve secure authentication and meet security properties. In this paper, we show that the ID-2PAKA protocol is insecure in identity authentication and cannot resisting ephemeral key compromise impersonation attack.

scholarly journals An efficient anonymous authentication and key agreement scheme with privacy-preserving for smart cities

2021 ◽  
Vol 17 (6) ◽  
pp. 155014772110268
Author(s):  
Xueya Xia ◽  
Sai Ji ◽  
Pandi Vijayakumar ◽  
Jian Shen ◽  
Joel J. P. C. Rodrigues
Keyword(s):  
Internet Of Things ◽  
Privacy Preservation ◽  
Key Agreement ◽  
Smart Cities ◽  
Security Analysis ◽  
Security And Privacy ◽  
Experimental Simulation ◽  
Authentication And Key Agreement ◽  
Anonymous Authentication ◽  
Evaluation Mechanism

Internet of Things devices are responsible for collecting and transmitting data in smart cities, assisting smart cities to release greater potential. As Internet of Things devices are increasingly connected to smart cities, security and privacy have gradually become important issues. Recently, research works on mitigating security challenges of Internet of Things devices in smart cities mainly focused on authentication. However, in most of the existing authentication protocols, the trustworthiness evaluation of Internet of Things devices in smart cities is ignored. Considering the trustworthiness evaluation of Internet of Things devices is an important constituent of data source authentication, in this article, a cloud-aided trustworthiness evaluation mechanism is first designed to improve the credibility of the Internet of Things devices in smart cities. Furthermore, aiming at the problem that the user’s privacy is easy to leak in the process of authentication, an anonymous authentication and key agreement scheme based on non-interactive zero knowledge argument is proposed. The proposed scheme can ensure the privacy preservation and data security of Internet of Things devices in smart cities. The security analysis demonstrates that the proposed scheme is secure under q-SDH problem. The experimental simulation indicates that the performance of the proposal is greatly improved compared with other similar schemes.

scholarly journals A Lightweight Authentication Method in Perception Layer of IoT Through Digital Watermarking

2019 ◽  
Vol 8 (3) ◽  
pp. 2937-2942
Keyword(s):  
Internet Of Things ◽  
Temporal Dynamics ◽  
Low Cost ◽  
Security Analysis ◽  
Living Environment ◽  
Security And Privacy ◽  
Sensitive Data ◽  
Privacy And Security ◽  
Iot Devices ◽  
Lightweight Authentication

Introduction of IoT (Internet of Things) has enjoyed vigorous support from governments and research institutions around the world, and remarkable achievements have been obtained till date. IoT systems collect the voluminous amount of data in real time from hospitals, battlefield and daily living environment which is related to privacy and security of people. So, securing collected sensitive data is one of the major challenges in the development of IoT systems. Authenticating the source of collected data is utmost important because the adversary may act as a source which may lead to a breach in security and privacy of people using the IoT network. IoT devices are resource scarce so lightweight methods for network security and privacy need to develop to achieve future development goals. In this paper, a novel lightweight node to node authentication scheme based on watermark is proposed to solve the contradiction between the security and restricted resources of perception layer. To improve the security, Proposed scheme usage node identity and the number of neighbours as input to generate the watermark and use the watermark to calculate the embedding positions which makes node authentication based on temporal dynamics of sensing network. The generated watermark is embedded in fixed size message digest generated using the variable message as input into a low-cost one-way hashing algorithm LOCHA. The embedded bits of watermark extracted at the receiving node and matched to check the authenticity of the sender node. The security analysis and simulations of the proposed scheme show that it can be a good candidate to ensure the authentication of the resource constraint devices which are integral part of Internet of Things at low cost

A Survey of Authentication Schemes in the Internet of Things

2019 ◽  
Vol 6 (1) ◽  
pp. 15-30 ◽  
Author(s):  
Yasmine Labiod ◽  
Abdelaziz Amara Korba ◽  
Nacira Ghoualmi-Zine
Keyword(s):  
Internet Of Things ◽  
Security Requirements ◽  
Security And Privacy ◽  
The Internet ◽  
Privacy And Security ◽  
Depth Study ◽  
Authentication Schemes ◽  
Iot Devices ◽  
Privacy Issues ◽  
The Internet Of Things

In the recent years, the Internet of Things (IoT) has been widely deployed in different daily life aspects such as home automation, electronic health, the electric grid, etc. Nevertheless, the IoT paradigm raises major security and privacy issues. To secure the IoT devices, many research works have been conducted to counter those issues and discover a better way to remove those risks, or at least reduce their effects on the user's privacy and security requirements. This article mainly focuses on a critical review of the recent authentication techniques for IoT devices. First, this research presents a taxonomy of the current cryptography-based authentication schemes for IoT. In addition, this is followed by a discussion of the limitations, advantages, objectives, and attacks supported of current cryptography-based authentication schemes. Finally, the authors make in-depth study on the most relevant authentication schemes for IoT in the context of users, devices, and architecture that are needed to secure IoT environments and that are needed for improving IoT security and items to be addressed in the future.

scholarly journals A Secure Authentication and Key Agreement Scheme for IoT-Based Cloud Computing Environment

Symmetry ◽  
2020 ◽  
Vol 12 (1) ◽  
pp. 150 ◽  
Author(s):  
Yicheng Yu ◽  
Liang Hu ◽  
Jianfeng Chu
Keyword(s):  
Cloud Computing ◽  
Internet Of Things ◽  
Secure Communication ◽  
Key Agreement ◽  
Security Analysis ◽  
Computing Environment ◽  
Cloud Computing Environment ◽  
Authentication And Key Agreement ◽  
Insider Attack ◽  
Cloud Servers

The integration of Internet of things (IoT) and cloud computing technology has made our life more convenient in recent years. Cooperating with cloud computing, Internet of things can provide more efficient and practical services. People can accept IoT services via cloud servers anytime and anywhere in the IoT-based cloud computing environment. However, plenty of possible network attacks threaten the security of users and cloud servers. To implement effective access control and secure communication in the IoT-based cloud computing environment, identity authentication is essential. In 2016, He et al. put forward an anonymous authentication scheme, which is based on asymmetric cryptography. It is claimed that their scheme is capable of withstanding all kinds of known attacks and has good performance. However, their scheme has serious security weaknesses according to our cryptanalysis. The scheme is vulnerable to insider attack and DoS attack. For overcoming these weaknesses, we present an improved authentication and key agreement scheme for IoT-based cloud computing environment. The automated security verification (ProVerif), BAN-logic verification, and informal security analysis were performed. The results show that our proposed scheme is secure and can effectively resist all kinds of known attacks. Furthermore, compared with the original scheme in terms of security features and performance, our proposed scheme is feasible.

A WSN-Oriented Key Agreement Protocol in Internet of Things

2013 ◽  
Vol 401-403 ◽  
pp. 1792-1795 ◽  
Author(s):  
Tao Liu ◽  
Ya Wen Guan ◽  
Yi Qun Yan ◽  
Li Liu ◽  
Qi Chao Deng
Keyword(s):  
Internet Of Things ◽  
Trust Management ◽  
Key Agreement ◽  
Bilinear Pairing ◽  
Negotiation Process ◽  
Third Party ◽  
Security And Privacy ◽  
The Internet ◽  
Key Agreement Protocol ◽  
The Internet Of Things

Aimed to the security and privacy issues which restrict the construction and development of the Internet of Things, a WSN-oriented key agreement protocol in the Internet of Things ( IOT) has been proposed . Trust management was introduced the security mechanism of IOT, the use of bilinear pairing technology, the identity-based key agreement was realized. Using the protocol not only can effectively prevent attacks from outside the network and can recognize the abnormal nodes which were captured or lapsed efficacy. Thus it can reduce communication with abnormal nodes to improve network security, extending the lifetime of the network. The distributed self-organizing key negotiation process without credible third-party management can enhance the survivability of IOT, and the network has a good scalability.

Sign in / Sign up

Export Citation Format

Share Document