Enhancing broadcast authentication in sensor networks

Due to the nature of wireless sensor networks, security is a critical problem since resource constrained and usually unattended sensors are much vulnerable to malicious attackers that may impersonate the sender. Therefore authenticating received messages is a crucial matter to protect the system integrity. Generally used TESLA (Timed Efficient Stream Loss-tolerant Authentication) based authentication techniques involve consecutive delays for decryption purposes. These delays render the network vulnerable to different malicious attacks such as Denial of Service attack. As several techniques try to achieve immediate authentication to alleviate these threats, other factors such as reliability and buffer requirements may have been compromised. This project proposes an integration of Low Buffer ,uTESLA protocol and an immediate authentication protocol to achieve a new refined scheme in broadcast authentication in sensor networks. Performance analysis and simulation results demonstrate that the proposed method succeeds to achieve immediate authentication while preserving desired security and low memory requirements in sensor nodes.

Enhancing broadcast authentication in sensor networks

Due to the nature of wireless sensor networks, security is a critical problem since resource constrained and usually unattended sensors are much vulnerable to malicious attackers that may impersonate the sender. Therefore authenticating received messages is a crucial matter to protect the system integrity. Generally used TESLA (Timed Efficient Stream Loss-tolerant Authentication) based authentication techniques involve consecutive delays for decryption purposes. These delays render the network vulnerable to different malicious attacks such as Denial of Service attack. As several techniques try to achieve immediate authentication to alleviate these threats, other factors such as reliability and buffer requirements may have been compromised. This project proposes an integration of Low Buffer ,uTESLA protocol and an immediate authentication protocol to achieve a new refined scheme in broadcast authentication in sensor networks. Performance analysis and simulation results demonstrate that the proposed method succeeds to achieve immediate authentication while preserving desired security and low memory requirements in sensor nodes.

Multi-Zone Authentication and Privacy-Preserving Protocol (MAPP) Based on the Bilinear Pairing Cryptography for 5G-V2X

5G-Vehicle-to-Everything (5G-V2X) supports high-reliability and low latency autonomous services and applications. Proposing an efficient security solution that supports multi-zone broadcast authentication and satisfies the 5G requirement is a critical challenge. In The 3rd Generation Partnership Project (3GPP) Release 16 standard, for Cellular- Vehicle-to-Everything (C-V2X) single-cell communication is suggested to reuse the IEEE1609.2 security standard that utilizes the Public Key Infrastructure (PKI) cryptography. PKI-based solutions provide a high-security level, however, it suffers from high communication and computation overhead, due to the large size of the attached certificate and signature. In this study, we propose a light-weight Multi-Zone Authentication and Privacy-Preserving Protocol (MAPP) based on the bilinear pairing cryptography and short-size signature. MAPP protocol provides three different authentication methods that enable a secure broadcast authentication over multiple zones of large-scale base stations, using a single message and a single short signature. We also propose a centralized dynamic key generation method for multiple zones. We implemented and analyzed the proposed key generation and authentication methods using an authentication simulator and a bilinear pairing library. The proposed methods significantly reduce the signature generation time by 16 times–80 times, as compared to the previous methods. Additionally, the proposed methods significantly reduced the signature verification time by 10 times–16 times, as compared to the two previous methods. The three proposed authentication methods achieved substantial speed-up in the signature generation time and verification time, using a short bilinear pairing signature.

An Improved Broadcast Authentication Protocol for Wireless Sensor Networks Based on the Self-Reinitializable Hash Chains

Broadcast authentication is a fundamental security primitive in wireless sensor networks (WSNs), which is a critical sensing component of IoT. Although symmetric-key-based μTESLA protocol has been proposed, some concerns about the difficulty of predicting the network lifecycle in advance and the security problems caused by an overlong long hash chain still remain. This paper presents a scalable broadcast authentication scheme named DH-μTESLA, which is an extension and improvement of μTESLA and Multilevel μTESLA, to achieve several vital properties, such as infinite lifecycle of hash chains, security authentication, scalability, and strong tolerance of message loss. The proposal consists of the t,n-threshold-based self-reinitializable hash chain scheme (SRHC-TD) and the d-left-counting-Bloom-filter-based authentication scheme (AdlCBF). In comparison to other broadcast authentication protocols, our proposal achieves more security properties such as fresh node’s participation and DoS resistance. Furthermore, the reinitializable hash chain constructed in SRHC-TD is proved to be secure and has less computation and communication overhead compared with typical solutions, and efficient storage is realized based on AdlCBF, which can also defend against DoS attacks.