22,430 research outputs found
A quantum key distribution protocol for rapid denial of service detection
We introduce a quantum key distribution protocol designed to expose fake
users that connect to Alice or Bob for the purpose of monopolising the link and
denying service. It inherently resists attempts to exhaust Alice and Bob's
initial shared secret, and is 100% efficient, regardless of the number of
qubits exchanged above the finite key limit. Additionally, secure key can be
generated from two-photon pulses, without having to make any extra
modifications. This is made possible by relaxing the security of BB84 to that
of the quantum-safe block cipher used for day-to-day encryption, meaning the
overall security remains unaffected for useful real-world cryptosystems such as
AES-GCM being keyed with quantum devices.Comment: 13 pages, 3 figures. v2: Shifted focus of paper towards DoS and added
protocol 4. v1: Accepted to QCrypt 201
A Survey on Wireless Sensor Network Security
Wireless sensor networks (WSNs) have recently attracted a lot of interest in
the research community due their wide range of applications. Due to distributed
nature of these networks and their deployment in remote areas, these networks
are vulnerable to numerous security threats that can adversely affect their
proper functioning. This problem is more critical if the network is deployed
for some mission-critical applications such as in a tactical battlefield.
Random failure of nodes is also very likely in real-life deployment scenarios.
Due to resource constraints in the sensor nodes, traditional security
mechanisms with large overhead of computation and communication are infeasible
in WSNs. Security in sensor networks is, therefore, a particularly challenging
task. This paper discusses the current state of the art in security mechanisms
for WSNs. Various types of attacks are discussed and their countermeasures
presented. A brief discussion on the future direction of research in WSN
security is also included.Comment: 24 pages, 4 figures, 2 table
ERASMUS: Efficient Remote Attestation via Self- Measurement for Unattended Settings
Remote attestation (RA) is a popular means of detecting malware in embedded
and IoT devices. RA is usually realized as an interactive protocol, whereby a
trusted party -- verifier -- measures integrity of a potentially compromised
remote device -- prover. Early work focused on purely software-based and fully
hardware-based techniques, neither of which is ideal for low-end devices. More
recent results have yielded hybrid (SW/HW) security architectures comprised of
a minimal set of features to support efficient and secure RA on low-end
devices.
All prior RA techniques require on-demand operation, i.e, RA is performed in
real time. We identify some drawbacks of this general approach in the context
of unattended devices: First, it fails to detect mobile malware that enters and
leaves the prover between successive RA instances. Second, it requires the
prover to engage in a potentially expensive (in terms of time and energy)
computation, which can be harmful for critical or real-time devices.
To address these drawbacks, we introduce the concept of self-measurement
where a prover device periodically (and securely) measures and records its own
software state, based on a pre-established schedule. A possibly untrusted
verifier occasionally collects and verifies these measurements. We present the
design of a concrete technique called ERASMUS : Efficient Remote Attestation
via Self-Measurement for Unattended Settings, justify its features and evaluate
its performance. In the process, we also define a new metric -- Quality of
Attestation (QoA). We argue that ERASMUS is well-suited for time-sensitive
and/or safety-critical applications that are not served well by on-demand RA.
Finally, we show that ERASMUS is a promising stepping stone towards handling
attestation of multiple devices (i.e., a group or swarm) with high mobility
An Outline of Security in Wireless Sensor Networks: Threats, Countermeasures and Implementations
With the expansion of wireless sensor networks (WSNs), the need for securing
the data flow through these networks is increasing. These sensor networks allow
for easy-to-apply and flexible installations which have enabled them to be used
for numerous applications. Due to these properties, they face distinct
information security threats. Security of the data flowing through across
networks provides the researchers with an interesting and intriguing potential
for research. Design of these networks to ensure the protection of data faces
the constraints of limited power and processing resources. We provide the
basics of wireless sensor network security to help the researchers and
engineers in better understanding of this applications field. In this chapter,
we will provide the basics of information security with special emphasis on
WSNs. The chapter will also give an overview of the information security
requirements in these networks. Threats to the security of data in WSNs and
some of their counter measures are also presented
Over-the-air software updates in the internet of things : an overview of key principles
Due to the fast pace at which IoT is evolving, there is an increasing need to support over-theair software updates for security updates, bug fixes, and software extensions. To this end, multiple over-the-air techniques have been proposed, each covering a specific aspect of the update process, such as (partial) code updates, data dissemination, and security. However, each technique introduces overhead, especially in terms of energy consumption, thereby impacting the operational lifetime of the battery constrained devices. Until now, a comprehensive overview describing the different update steps and quantifying the impact of each step is missing in the scientific literature, making it hard to assess the overall feasibility of an over-the-air update. To remedy this, our article analyzes which parts of an IoT operating system are most updated after device deployment, proposes a step-by-step approach to integrate software updates in IoT solutions, and quantifies the energy cost of each of the involved steps. The results show that besides the obvious dissemination cost, other phases such as security also introduce a significant overhead. For instance, a typical firmware update requires 135.026 mJ, of which the main portions are data dissemination (63.11 percent) and encryption (5.29 percent). However, when modular updates are used instead, the energy cost (e.g., for a MAC update) is reduced to 26.743 mJ (48.69 percent for data dissemination and 26.47 percent for encryption)
- …