Hash-Chain Fog/Edge: A Mode-Based Hash-Chain for Secured Mutual Authentication Protocol Using Zero-Knowledge Proofs in Fog/Edge

Authentication is essential for the prevention of various types of attacks in fog/edge computing. Therefore, a novel mode-based hash chain for secure mutual authentication is necessary to address the Internet of Things (IoT) devices’ vulnerability, as there have been several years of growing concerns regarding their security. Therefore, a novel model is designed that is stronger and effective against any kind of unauthorized attack, as IoT devices’ vulnerability is on the rise due to the mass production of IoT devices (embedded processors, camera, sensors, etc.), which ignore the basic security requirements (passwords, secure communication), making them vulnerable and easily accessible. Furthermore, crackable passwords indicate that the security measures taken are insufficient. As per the recent studies, several applications regarding its requirements are the IoT distributed denial of service attack (IDDOS), micro-cloud, secure university, Secure Industry 4.0, secure government, secure country, etc. The problem statement is formulated as the “design and implementation of dynamically interconnecting fog servers and edge devices using the mode-based hash chain for secure mutual authentication protocol”, which is stated to be an NP-complete problem. The hash-chain fog/edge implementation using timestamps, mode-based hash chaining, the zero-knowledge proof property, a distributed database/blockchain, and cryptography techniques can be utilized to establish the connection of smart devices in large numbers securely. The hash-chain fog/edge uses blockchain for identity management only, which is used to store the public keys in distributed ledger form, and all these keys are immutable. In addition, it has no overhead and is highly secure as it performs fewer calculations and requires minimum infrastructure. Therefore, we designed the hash-chain fog/edge (HCFE) protocol, which provides a novel mutual authentication scheme for effective session key agreement (using ZKP properties) with secure protocol communications. The experiment outcomes proved that the hash-chain fog/edge is more efficient at interconnecting various devices and competed favorably in the benchmark comparison.

A Key Management Protocol Based on the Hash Chain Key Generation for Securing LoRaWAN Networks

Recently, many Low Power Wide Area Network (LPWAN) protocols have been proposed for securing resource-constrained Internet of Things (IoT) devices with negligible power consumption. The Long Range Wide Area Network (LoRaWAN) is a low power communication protocol that supports message authentication, integrity, and encryption using two-session preshared secret keys. However, although the LoRaWAN supports some security functions, it suffers from session key generation and key update problems. This motivates us to introduce a new key management protocol that resolves the LoRaWAN problems and supports key updates. The proposed protocol is based on hash chain generation using a one-way hash function. Network entities share a common hash chain of n key elements to allow using a unique signing key per message. We also propose a salt hashing algorithm that encrypts the original keys into a different form to avoid the physical attacks at the end device side. We analyzed the proposed key generation performance in terms of the computation time, the required storage, and the communication overhead. We implemented and tested the proposed key generation protocol using the NS-3 network simulator. The proposed lightweight key generation protocol significantly enhances the security of the original LoRaWAN at a negligible overhead. The proposed protocol reduces the power consumption and transmission time by two times compared with some previous protocols. In addition, the proposed key generation protocol can resist attacks, such as key compromising attacks and replay attacks, and it supports the Perfect Forward Secrecy, which was not supported by LoRaWAN.

A Novel Hash Chain-Based Data Availability Monitoring Method for Off-site Disaster Recovery Architecture

With the rapid development of mobile Internet, there is a higher demand for the real-time, reliability and availability of information systems and to prevent the possible systemic risks of information systems, various business consistency standards and regulatory guidelines have been published, such as Recovery Time Object (RTO) and Recovery Point Object (RPO). Some of the current related researches focus on the standards, methods, management tools and technical frameworks of business consistency, while others study the data consistency algorithms in the cases of large data, cloud computing and distributed storage. However, few researchers have studied on how to monitor the data consistency and RPO of production-disaster recovery, and what architecture and technology should be applied in the monitoring. Moreover, in some information systems, due to the complex structures and distributions of data, it is difficult for traditional methods to quickly detect and accurately locate the first error data. Besides, due to the separation of production data center (PDC) and disaster recovery data center (DRDC), it is difficult to calculate the data difference and RPO between the two centers. This paper first discusses the architecture of remote distributed DRDCs. The architecture can make the disaster recovery (DR) system always online and the data always readable, and support the real-time monitoring of data availability, consistency as well as other related indicators, in this way to make DRDC out-of-the-box in disasters. Second, inspired by blockchain, this paper proposes a method to realize real-time monitoring of data consistency and RTO by building hash chains for PDC and DRDC. Third, this paper evaluates the hash chain operations from the algorithm time complexity, the data consistency, and the validity of RPO monitoring algorithms and since DR system is actually a kind of distributed system, the proposed approach can also be applied to the data consistency detection and data difference monitoring in other distributed systems.

Key Distribution Strategy of Wireless Sensor Network Based on Multi-Hash Chain

Key management is the basis of the security mechanism for wireless sensor networks and services, and random key pre-distribution is the most effective key management mechanism at present. However, there is a potential challenge to most current random key pre-distribution strategies: it is difficult to achieve both ideal network security connectivity and network survivability. In this paper, we present a novel random key pre-distribution scheme based on the hash chain. By adjusting certain system parameters, such as the hash chain length, the number of common auxiliary nodes and the number of hash chains, a sensor node only need to preload a few of keys, making it possible to establish the pairwise key with high probability among its neighboring nodes. The proposed scheme can still maintain strong network survivability even if there are many compromised nodes. The theoretical analysis and simulation experiments show that the proposed scheme is not only effective and secure, but also scalable.