Multi-layer and Clustering based Security Implementation for an IoT Environment

IoT devices are having many constraints related to computation power and memory etc. Many existing cryptographic algorithms of security could not work with IoT devices because of these constraints. Since the sensors are used in large amount to collect the relevant data in an IoT environment, and different sensor devices transmit these data as useful information, the first thing needs to be secure is the identity of devices. The second most important thing is the reliable information transmission between a sensor node and a sink node. While designing the cryptographic method in the IoT environment, programmers need to keep in mind the power limitation of the constraint devices. Mutual authentication between devices and encryption-decryption of messages need some sort of secure key. In the proposed cryptographic environment, there will be a hierarchical clustering, and devices will get registered by the authentication center at the time they enter the cluster. The devices will get mutually authenticated before initiating any conversation and will have to follow the public key protocol.

A lightweight and flexible mutual authentication and key agreement protocol for wearable sensing devices in WBAN

Purpose A wireless body area network (WBAN) is a collection of sensing devices attached to a person’s body that is typically used during health care to track their physical state. This paper aims to study the security challenges and various attacks that occurred while transferring a person’s sensitive medical diagnosis information in WBAN. Design/methodology/approach This technology has significantly gained prominence in the medical field. These wearable sensors are transferring information to doctors, and there are numerous possibilities for an intruder to pose as a doctor and obtain information about the patient’s vital information. As a result, mutual authentication and session key negotiations are critical security challenges for wearable sensing devices in WBAN. This work proposes an improved mutual authentication and key agreement protocol for wearable sensing devices in WBAN. The existing related schemes require more computational and storage requirements, but the proposed method provides a flexible solution with less complexity. Findings As sensor devices are resource-constrained, proposed approach only makes use of cryptographic hash-functions and bit-wise XOR operations, hence it is lightweight and flexible. The protocol’s security is validated using the AVISPA tool, and it will withstand various security attacks. The proposed protocol’s simulation and performance analysis are compared to current relevant schemes and show that it produces efficient outcomes. Originality/value This technology has significantly gained prominence in the medical sector. These sensing devises transmit information to doctors, and there are possibilities for an intruder to pose as a doctor and obtain information about the patient’s vital information. Hence, this paper proposes a lightweight and flexible protocol for mutual authentication and key agreement for wearable sensing devices in WBAN only makes use of cryptographic hash-functions and bit-wise XOR operations. The proposed protocol is simulated using AVISPA tool and its performance is better compared to the existing methods. This paper proposes a novel improved mutual authentication and key-agreement protocol for wearable sensing devices in WBAN.

Hash-Chain Fog/Edge: A Mode-Based Hash-Chain for Secured Mutual Authentication Protocol Using Zero-Knowledge Proofs in Fog/Edge

Authentication is essential for the prevention of various types of attacks in fog/edge computing. Therefore, a novel mode-based hash chain for secure mutual authentication is necessary to address the Internet of Things (IoT) devices’ vulnerability, as there have been several years of growing concerns regarding their security. Therefore, a novel model is designed that is stronger and effective against any kind of unauthorized attack, as IoT devices’ vulnerability is on the rise due to the mass production of IoT devices (embedded processors, camera, sensors, etc.), which ignore the basic security requirements (passwords, secure communication), making them vulnerable and easily accessible. Furthermore, crackable passwords indicate that the security measures taken are insufficient. As per the recent studies, several applications regarding its requirements are the IoT distributed denial of service attack (IDDOS), micro-cloud, secure university, Secure Industry 4.0, secure government, secure country, etc. The problem statement is formulated as the “design and implementation of dynamically interconnecting fog servers and edge devices using the mode-based hash chain for secure mutual authentication protocol”, which is stated to be an NP-complete problem. The hash-chain fog/edge implementation using timestamps, mode-based hash chaining, the zero-knowledge proof property, a distributed database/blockchain, and cryptography techniques can be utilized to establish the connection of smart devices in large numbers securely. The hash-chain fog/edge uses blockchain for identity management only, which is used to store the public keys in distributed ledger form, and all these keys are immutable. In addition, it has no overhead and is highly secure as it performs fewer calculations and requires minimum infrastructure. Therefore, we designed the hash-chain fog/edge (HCFE) protocol, which provides a novel mutual authentication scheme for effective session key agreement (using ZKP properties) with secure protocol communications. The experiment outcomes proved that the hash-chain fog/edge is more efficient at interconnecting various devices and competed favorably in the benchmark comparison.

Lightweight Payload Encryption-Based Authentication Scheme for Advanced Metering Infrastructure Sensor Networks

The Internet of Things (IoT) connects billions of sensors to share and collect data at any time and place. The Advanced Metering Infrastructure (AMI) is one of the most important IoT applications. IoT supports AMI to collect data from smart sensors, analyse and measure abnormalities in the energy consumption pattern of sensors. However, two-way communication in distributed sensors is sensitive and tends towards security and privacy issues. Before deploying distributed sensors, data confidentiality and privacy and message authentication for sensor devices and control messages are the major security requirements. Several authentications and encryption protocols have been developed to provide confidentiality and integrity. However, many sensors in distributed systems, resource constraint smart sensors, and adaptability of IoT communication protocols in sensors necessitate designing an efficient and lightweight security authentication scheme. This paper proposes a Payload Encryption-based Optimisation Scheme for lightweight authentication (PEOS) on distributed sensors. The PEOS integrates and optimises important features of Datagram Transport Layer Security (DTLS) in Constrained Application Protocol (CoAP) architecture instead of implementing the DTLS in a separate channel. The proposed work designs a payload encryption scheme and an Optimised Advanced Encryption Standard (OP-AES). The PEOS modifies the DTLS handshaking and retransmission processes in PEOS using payload encryption and NACK messages, respectively. It also removes the duplicate features of the protocol version and sequence number without impacting the performance of CoAP. Moreover, the PEOS attempts to improve the CoAP over distributed sensors in the aspect of optimised AES operations, such as parallel execution of S-boxes in SubBytes and delayed Mixcolumns. The efficiency of PEOS authentication is evaluated on Conitki OS using the Cooja simulator for lightweight security and authentication. The proposed scheme attains better throughput while minimising the message size overhead by 9% and 23% than the existing payload-based mutual authentication PbMA and basic DTLS/CoAP scheme in random network topologies with less than 50 nodes.

Anonymous Mutual and Batch Authentication with Location Privacy of UAV in FANET

As there has been an advancement in avionic systems in recent years, the enactment of unmanned aerial vehicles (UAV) has upgraded. As compared to a single UAV system, multiple UAV systems can perform operations more inexpensively and efficiently. As a result, new technologies between user/control station and UAVs have been developed. FANET (Flying Ad-Hoc Network) is a subset of the MANET (Mobile Ad-Hoc Network) that includes UAVs. UAVs, simply called drones, are used for collecting sensitive data in real time. The security and privacy of these data are of priority importance. Therefore, to overcome the privacy and security threats problem and to make communication between the UAV and the user effective, a competent anonymous mutual authentication scheme is proposed in this work. There are several methodologies addressed in this work such as anonymous batch authentication in FANET which helps to authenticate a large group of drones at the same time, thus reducing the computational overhead. In addition, the integrity preservation technique helps to avoid message alteration during transmission. Moreover, the security investigation section discusses the resistance of the proposed work against different types of possible attacks. Finally, the proposed work is related to the prevailing schemes in terms of communication and computational cost and proves to be more efficient.

Lightweight and Anonymous Mutual Authentication Protocol for Edge IoT Nodes with Physical Unclonable Function

Internet of Things (IoT) has been widely used in many fields, bringing great convenience to people’s traditional work and life. IoT generates tremendous amounts of data at the edge of network. However, the security of data transmission is facing severe challenges. In particular, edge IoT nodes cannot run complex encryption operations due to their limited computing and storage resources. Therefore, edge IoT nodes are more susceptible to various security attacks. To this end, a lightweight mutual authentication and key agreement protocol is proposed to achieve the security of IoT nodes’ communication. The protocol uses the reverse fuzzy extractor to acclimatize to the noisy environment and introduces the supplementary subprotocol to enhance resistance to the desynchronization attack. It uses only lightweight cryptographic operations, such as hash function, XORs, and PUF. It only stores one pseudo-identity. The protocol is proven to be secure by rigid security analysis based on improved BAN logic. Performance analysis shows the proposed protocol has more comprehensive functions and incurs lower computation and communication cost when compared with similar protocols.