    Novel Cryptographic Authentication Mechanisms for Supply Chains and OpenStack

    In this dissertation, first, we studied the Radio-Frequency Identification (RFID) tag authentication problem in supply chains. RFID tags have been widely used as a low-cost wireless method for detecting counterfeit product injection in supply chains. We open a new direction toward solving this problem by using the Non-Volatile Memory (NVM) of recent RFID tags. We propose a method based on this direction that significantly improves the availability of the system and costs less. In our method, we introduce the notion of Software Unclonability, which is a kind of one-time MAC for authenticating random inputs. Also, we introduce three lightweight constructions that are software unclonable. Second, we focus on OpenStack, which is a prestigious open-source cloud platform. OpenStack takes advantage of some tokening mechanisms to establish trust between its modules and users. It turns out that when an adversary captures user tokens by exploiting a bug in a module, he gets extreme power on behalf of users. Here, we propose a novel tokening mechanism that ties commands to tokens and enables OpenStack to support short-life tokens while keeping performance up.

    Lightweight cryptography in radio-frequency identification (RFID) devices

    This thesis examines the security issues of Radio Frequency Identification (RFID) technology, one of the most promising technologies in the field of ubiquitous computing. Indeed, RFID technology may well replace barcode technology. Although it offers many advantages over other identification systems, there are also associated security risks that are not easy to address. RFID systems can be classified according to tag price, with distinction between high-cost and low-cost tags. Our research work focuses mainly on low-cost RFID tags. An initial study and analysis of the state of the art identifies the need for lightweight cryptographic solutions suitable for these very constrained devices. 
From a purely theoretical point of view, standard cryptographic solutions may be a correct approach. However, standard cryptographic primitives (hash functions, message authentication codes, block/stream ciphers, etc.) are quite demanding in terms of circuit size, power consumption and memory size, so they make costly solutions for low-cost RFID tags. Lightweight cryptography is therefore a pressing need. First, we analyze the security of the EPC Class-1 Generation-2 standard, which is considered the universal standard for low-cost RFID tags. Secondly, we cryptanalyze two new proposals, showing their unsuccessful attempt to increase the security level of the specification without much further hardware demands. Thirdly, we propose a new protocol resistant to passive attacks and conforming to low-cost RFID tag requirements. In this protocol, costly computations are only performed by the reader, and security-related computations in the tag are restricted to very simple operations. The protocol is inspired by the family of Ultralightweight Mutual Authentication Protocols (UMAP: M2AP, EMAP, LMAP) and the recently proposed SASI protocol. The thesis also includes the first published cryptanalysis of SASI under the weakest attacker model, that is, a passive attacker. Fourthly, we propose a new protocol resistant to both passive and active attacks and suitable for moderate-cost RFID tags. We adapt Shieh et al.’s protocol for smart cards, taking into account the unique features of RFID systems. Finally, because this protocol is based on the use of cryptographic primitives and standard cryptographic primitives are not supported, we address the design of lightweight cryptographic primitives. 
Specifically, we propose a lightweight hash function (Tav-128) and a lightweight Pseudo-Random Number Generator (LAMED and LAMED-EPC). We analyze their security level and performance, as well as their hardware requirements, and show that both could be realistically implemented, even in low-cost RFID tags.

    Energy efficiency in short and wide-area IoT technologies—A survey

    In recent years, the Internet of Things (IoT) has emerged as a key application context in the design and evolution of technologies in the transition toward a 5G ecosystem. More and more IoT technologies have entered the market and represent important enablers in the deployment of networks of interconnected devices. As network and spatial device densities grow, energy efficiency and consumption are becoming an important aspect in analyzing the performance and suitability of different technologies. In this framework, this survey presents an extensive review of IoT technologies, including both Low-Power Short-Area Networks (LPSANs) and Low-Power Wide-Area Networks (LPWANs), from the perspective of energy efficiency and power consumption. Existing consumption models and energy efficiency mechanisms are categorized, analyzed and discussed, in order to highlight the main trends proposed in literature and standards toward achieving energy-efficient IoT networks. Current limitations and open challenges are also discussed, aiming at highlighting new possible research directions.


    A novel complex ultra-wideband RF pulse forming technique has been implemented in this research, using the coefficients derived from the discrete Fourier transform of a virtual pulse train. Incorporated in this technique is a multiple-frequency communication system designed such that transmitter-receiver proximity and the fading effect of the individual frequencies form part of a corresponding modulation technique. A code division multiple access (CDMA) application to RFID, intended to greatly reduce read time while at the same time eliminating inter-tag interference, has been investigated with the analysis of a typical cart aisle scenario. With the current rate of growth of inventory worldwide, there is a tremendous need for more efficient methods of data gathering, data storage, and data retrieval. In this dissertation, the application of CDMA RFID technology has been analyzed to demonstrate the potential of integrating RFID technology into the EPC global numbering system.

    Design of chipless multi-resonant RFID circuits as replacements for barcodes

    Chipless RFID technology arose from an effort to design low-cost RFID tags without the traditional silicon Application Specific Integrated Circuits (ASICs) that are the price bottleneck of typical RFID technology. In this way, tags become fully passive and have no active processing unit, so chipless RFID systems have more similarities with Radio Detection And Ranging (RADAR) systems than with common RFID systems. This dissertation sheds light on the problems and challenges that RFID technology faces as a replacement for optical barcode labels, discusses the state of the art of chipless RFID technology and presents a model to describe the relationship between the multi-resonant circuit resonant frequency and the resonant spirals' length. Finally, a chipless RFID system is simulated making use of the fractional Fourier Transform as a means to separate linear frequency modulated signals that collide in both the time and frequency domains. The results achieved with this dissertation not only aid designers with the synthesis of multi-resonant circuits but also prove the reliability of the use of the fractional Fourier Transform as a means of manipulating the time-frequency domain and successfully recovering individual tags' IDs from a signal containing more than one collided backscattered signal.
Master's degree in Electronics and Telecommunications Engineering.

    Intelligent Sensor Networks

    In the last decade, wireless or wired sensor networks have attracted much attention. However, most designs target general sensor network issues including protocol stack (routing, MAC, etc.) and security issues. This book focuses on the close integration of sensing, networking, and smart signal processing via machine learning. Based on their world-class research, the authors present the fundamentals of intelligent sensor networks. They cover sensing and sampling, distributed signal processing, and intelligent signal learning. In addition, they present cutting-edge research results from leading experts.

    Modeling and simulation of an IoT enabled cold Chain Logistics management system

    Opened to full-text access pursuant to the "Law on Amendments to the Higher Education Law and Certain Laws and Decree-Laws" published in Official Gazette No. 30352 dated 06.03.2018 and the "Directive on the Collection, Organization and Opening to Access of Graduate Theses in Electronic Form" dated 18.06.2018.
The dramatic growth of the world economy has led to growth in the supply chain, which demands logistics services that are agile, flexible and responsive in the face of uncertainty, especially for temperature-sensitive products that need to be monitored and managed in the cold chain. To achieve this, logistics companies must be supported by appropriate information technologies. The Internet provides an effective means of driving information between customer and logistics provider; however, the existing gap between product flow and information flow in logistics services has created a problem in getting real-time information about temperature-sensitive items, which makes logistics management more challenging for decision makers. The growth of the Internet of Things (IoT) offers a potential solution for monitoring, managing, and achieving real-time visibility and sharing information with the appropriate level of intelligence in cold chain industries. This paper demonstrates IoT-enabled cold chain logistics that helps to enhance the decision support of all actors by managing and monitoring the real-time ambient temperature of the cold chain and predicting the shelf life of temperature-sensitive products inside the cold chain. In the study, real-time data of ambient parameters are gathered using IEEE 802.15.4 based wireless sensor networks and sent to the remote server through a gateway so that the shelf life of the products can be predicted by the decision support system developed. Radio Frequency Identification (RFID) is also used for identification of perishable goods inside the cold chain. All the devices and protocols employed in the study are modeled and simulated using the event-driven Riverbed Modeler software.

    Weak-Unforgeable Tags for Secure Supply Chain Management

    Given the value of imported counterfeit and pirated goods, the need for secure supply chain management is pertinent. Maleki et al. (HOST 2017) propose a new management scheme based on RFID tags (with 2-3K bits NVM) which, if compared to other schemes, is competitive on several performance and security metrics. Its main idea is to have each RFID tag store its reader events in its own NVM while moving through the supply chain. In order to bind a tag's identity to each event such that an adversary is not able to impersonate the tag's identity on another duplicate tag, a function with a weak form of unforgeability is needed. In this paper, we formally define this security property, present three constructions (MULTIPLY-ADD, ADD-XOR, and S-Box-CBC) having this security property, and show how to bound the probability of successful impersonation in concrete parameter settings. Finally, we compare our constructions with the light-weight hash function PHOTON used by Maleki et al. in terms of security and circuit area needed. We conclude that our ADD-XOR and S-Box-CBC constructions have approximately 1/4 - 1/3 of PHOTON's total circuit area (this also includes the control circuitry besides PHOTON) while maintaining an appropriate security level which takes care of economically motivated adversaries.

    Performance Assessment of Routing Protocols for IoT/6LoWPAN Networks

    The Internet of Things (IoT) proposes a disruptive communication paradigm that allows smart objects to exchange data among themselves to reach a common goal. IoT application scenarios are multiple and can range from a simple smart home lighting system to fully controlled automated manufacturing chains. In the majority of IoT deployments, things are equipped with small devices that are responsible for performing data processing and wireless communication tasks and that can suffer from severe hardware and energy restrictions. Thus, due to their features, communication networks that are used by these devices are generally categorized as Low Power and Lossy Networks (LLNs). The considerable variation in IoT applications represents a critical issue for LLNs, which should support different requirements while keeping reasonable quality-of-service (QoS) levels. Given this challenge, routing protocols represent a key issue in the deployment of IoT scenarios. Routing protocols are responsible for creating paths among devices and enabling their interactions. Hence, network performance and features are highly dependent on protocol behavior. Also, depending on the adopted protocol, support for some specific requirements of IoT applications may or may not be provided. Thus, a routing protocol should be designed to meet the needs of the applications while considering the limitations of the devices that will execute it. To meet the demand for routing protocols for LLNs and, consequently, for IoT networks, the Internet Engineering Task Force (IETF) has designed and standardized the IPv6 Routing Protocol for Low Power and Lossy Networks (RPL). This protocol, although robust and offering features to fulfill the needs of several applications, still presents several faults and weaknesses (mainly related to its high complexity and memory requirement), which limit its adoption in IoT scenarios. 
An alternative to RPL, the Lightweight On-demand Ad hoc Distance-vector Routing Protocol – Next Generation (LOADng) has emerged as a less complicated routing solution for LLNs. However, the cost of its simplicity is paid for with the absence of adequate support for a critical set of features required for many IoT environments. Thus, based on the challenging open issues related to routing in IoT networks, this thesis aims to study and propose contributions to better meet the network requirements of IoT scenarios. A comprehensive survey, reviewing state-of-the-art routing protocols adopted for IoT, identified the strengths and weaknesses of current solutions available in the literature. Based on the identified limitations, a set of improvements is designed to overcome these issues and enhance IoT network performance. The novel solutions are proposed to include reliable and efficient support for the needs of IoT applications, such as mobility, heterogeneity, and different traffic patterns. Moreover, mechanisms to improve the network performance in IoT scenarios, which integrate devices with different communication technologies, are introduced. The studies conducted to assess the performance of the proposed solutions showed their high potential. When the approaches presented in this thesis were compared with others available in the literature, they presented very promising results considering the metrics related to the Quality of Service (QoS), network and energy efficiency, and memory usage, as well as adding new features to the base protocols. 
Hence, it is believed that the proposed improvements contribute to the state of the art of routing solutions for IoT networks, increasing the performance and adoption of enhanced protocols.

    A fog computing framework for scalable RFID systems in global supply chain management

    With the rapid proliferation of RFID systems in global supply chain management, tracking every object at the individual item level has led to the generation of an enormous amount of data that will have to be stored and accessed quickly to make real-time decisions. This is especially critical for perishable goods supply chains such as fruits and pharmaceuticals, which have enormous value tied up in assets and may become worthless if they are not kept in precisely controlled and cool environments. While Cloud-based RFID solutions are deployed to monitor and track the products from manufacturer to retailer, we argue that Fog Computing is needed to bring efficiency and reduce the wastage experienced in the perishable produce supply chain. This paper investigates in-depth: (i) the application of Fog Computing in perishable produce supply chain management using blackberry fruit as a case study; (ii) the data, computations and storage requirements for the fog nodes at each stage of the supply chain; (iii) the adaptation of the architecture to the general perishable goods supply chain; and (iv) the benefits of the proposed fog nodes with respect to monitoring and actuation in the blackberry supply chain.