SLAP: Secure Lightweight Authentication Protocol for Resource-constrained Devices

The Industrial Internet of Things (IIoT) consists of sensors, networks, and services to connect and control production systems. Its benefits include supply chain monitoring and machine failure detection. However, it has many vulnerabilities, such as industrial espionage and sabotage. Furthermore, many IIoT devices are resource-constrained, which impedes the use of traditional security services for them. Authentication allows devices to be confident of each other’s identity, preventing some security attacks. Many authentication protocols have been proposed for IIoT; however, they have high computing requirements not viable to resource-constrained devices, or they have been found insecure. In this paper, an authentication protocol for resource-constrained IIoT devices is proposed. It is based on the lightweight operations xor, addition, and subtraction, and a hash function. Also, only four messages are exchanged between the principals to authenticate. It has a low execution-time and communication-cost. Its security was successfully assessed with the formal methods Automated Validation of Internet Security Protocols and Applications (AVISPA) tool and Burrows–Abadi–Needham (BAN) logic, together with an informal analysis of its resistance to known attacks. Its performance and security were compared with state-of-the-art protocols, resulting in a good performance for resource-constrained IIoT devices, and higher security similar to computational expensive schemes.

Download Full-text

Robust Data Security Framework for IoT Network using Integrated Techniques

International Journal of Applied Mathematics and Machine Learning ◽

10.18642/ijamml_7100122152 ◽

2020 ◽

Vol 13 (1) ◽

pp. 5-23

Author(s):

Fadele Ayotunde Alaba ◽

◽

Abayomi Jegede ◽

Christopher Ifeanyi Eke ◽

◽

...

Keyword(s):

Rapid Development ◽

Cost Effective ◽

Security Protocol ◽

Security And Privacy ◽

Security Framework ◽

Resource Constrained ◽

Iot Devices ◽

Lightweight Authentication ◽

Resource Constrained Devices ◽

Constrained Devices

The Internet of Things (IoT) expects to improve human lives with the rapid development of resource-constrained devices and with the increased connectivity of physical embedded devices that make use of current Internet infrastructure to communicate. The major challenging in such an interconnected world of resource-constrained devices and sensors are security and privacy features. IoT is demand new approaches to security like a secure lightweight authentication technique, scalable approaches to continuous monitoring and threat mitigation, and new ways of detecting and blocking active threats. This paper presents the proposed security framework for IoT network. A detail understanding of the existing solutions leads to the development of security framework for IoT network. The framework was developed using cost effective design approach. Two components are used in developing the protocol. The components are Capability Design (mainly a ticket, token or key that provides authorization to access a device) and Advanced Encryption Standard (AES)-Galois Counter Mode (GCM) (a-security protocol for constrained IoT devices). AES-GCM is an encryption process that is based on authentication and well suitable IoT.

Download Full-text

Enterprise Security for the Internet of Things (IoT): Lightweight Bootstrapping with EAP-NOOB

Sensors ◽

10.3390/s20216101 ◽

2020 ◽

Vol 20 (21) ◽

pp. 6101

Author(s):

Aleksi Peltonen ◽

Eduardo Inglés ◽

Sampsa Latvala ◽

Dan Garcia-Carrillo ◽

Mohit Sethi ◽

...

Keyword(s):

Authentication Protocol ◽

The Internet ◽

Resource Constrained ◽

Window Blinds ◽

Enterprise Security ◽

Implementation Experience ◽

The Internet Of Things ◽

Extensible Authentication Protocol ◽

Resource Constrained Devices ◽

Constrained Devices

The emergence of radio technologies, such as Zigbee, Z-Wave, and Bluetooth Mesh, has transformed simple physical devices into smart objects that can understand and react to their environment. Devices, such as light bulbs, door locks, and window blinds, can now be connected to, and remotely controlled from, the Internet. Given the resource-constrained nature of many of these devices, they have typically relied on the use of universal global shared secrets for the initial bootstrapping and commissioning phase. Such a scheme has obvious security weaknesses and it also creates undesirable walled-gardens where devices of one ecosystem do not inter-operate with the other. In this paper, we investigate whether the standard Extensible Authentication Protocol (EAP) framework can be used for secure bootstrapping of resource-constrained devices. EAP naturally provides the benefits of per-device individual credentials, straightforward revocation, and isolation of devices. In particular, we look at the Nimble out-of-band authentication for EAP (EAP-NOOB) as a candidate EAP authentication method. EAP-NOOB greatly simplifies deployment of such devices as it does not require them to be pre-provisioned with credentials of any sort. Based on our implementation experience on off-the-shelf hardware, we demonstrate that lightweight EAP-NOOB is indeed a way forward to securely bootstrap such devices.

Download Full-text