873 research outputs found
KLEIN: A New Family of Lightweight Block Ciphers
Resource-efficient cryptographic primitives become fundamental for realizing both security and efficiency in embedded systems like RFID tags and sensor nodes. Among those primitives, lightweight block cipher plays a major role as a building block for security protocols. In this paper, we describe a new family of lightweight block ciphers named KLEIN, which is designed for resource-constrained devices such as wireless sensors and RFID tags. Compared to the related proposals, KLEIN has advantage in the software performance on legacy sensor platforms, while in the same time its hardware implementation can also be compact
Security of Ubiquitous Computing Systems
The chapters in this open access book arise out of the EU Cost Action project Cryptacus, the objective of which was to improve and adapt existent cryptanalysis methodologies and tools to the ubiquitous computing framework. The cryptanalysis implemented lies along four axes: cryptographic models, cryptanalysis of building blocks, hardware and software security engineering, and security assessment of real-world systems. The authors are top-class researchers in security and cryptography, and the contributions are of value to researchers and practitioners in these domains. This book is open access under a CC BY license
A Comprehensive Survey on the Implementations, Attacks, and Countermeasures of the Current NIST Lightweight Cryptography Standard
This survey is the first work on the current standard for lightweight
cryptography, standardized in 2023. Lightweight cryptography plays a vital role
in securing resource-constrained embedded systems such as deeply-embedded
systems (implantable and wearable medical devices, smart fabrics, smart homes,
and the like), radio frequency identification (RFID) tags, sensor networks, and
privacy-constrained usage models. National Institute of Standards and
Technology (NIST) initiated a standardization process for lightweight
cryptography and after a relatively-long multi-year effort, eventually, in Feb.
2023, the competition ended with ASCON as the winner. This lightweight
cryptographic standard will be used in deeply-embedded architectures to provide
security through confidentiality and integrity/authentication (the dual of the
legacy AES-GCM block cipher which is the NIST standard for symmetric key
cryptography). ASCON's lightweight design utilizes a 320-bit permutation which
is bit-sliced into five 64-bit register words, providing 128-bit level
security. This work summarizes the different implementations of ASCON on
field-programmable gate array (FPGA) and ASIC hardware platforms on the basis
of area, power, throughput, energy, and efficiency overheads. The presented
work also reviews various differential and side-channel analysis attacks (SCAs)
performed across variants of ASCON cipher suite in terms of algebraic,
cube/cube-like, forgery, fault injection, and power analysis attacks as well as
the countermeasures for these attacks. We also provide our insights and visions
throughout this survey to provide new future directions in different domains.
This survey is the first one in its kind and a step forward towards
scrutinizing the advantages and future directions of the NIST lightweight
cryptography standard introduced in 2023
Criptografía ligera en dispositivos de identificación por radiofrecuencia- RFID
Esta tesis se centra en el estudio de la tecnología de identificación por radiofrecuencia (RFID), la cual puede ser considerada como una de las tecnologías más prometedoras dentro del área de la computación ubicua. La tecnología RFID podría ser el sustituto de los códigos de barras. Aunque la tecnología RFID ofrece numerosas ventajas frente a otros sistemas de identificación, su uso lleva asociados riesgos de seguridad, los cuales no son fáciles de resolver. Los sistemas RFID pueden ser clasificados, atendiendo al coste de las etiquetas, distinguiendo principalmente entre etiquetas de alto coste y de bajo coste. Nuestra investigación se centra fundamentalmente en estas últimas. El estudio y análisis del estado del arte nos ha permitido identificar la necesidad de desarrollar soluciones criptográficas ligeras adecuadas para estos dispositivos limitados. El uso de soluciones criptográficas estándar supone una aproximación correcta desde un punto de vista puramente teórico. Sin embargo, primitivas criptográficas estándar (funciones resumen, código de autenticación de mensajes, cifradores de bloque/flujo, etc.) exceden las capacidades de las etiquetas de bajo coste. Por tanto, es necesario el uso de criptografía ligera._______________________________________This thesis examines the security issues of Radio Frequency Identification
(RFID) technology, one of the most promising technologies in the field of
ubiquitous computing. Indeed, RFID technology may well replace barcode
technology. Although it offers many advantages over other identification
systems, there are also associated security risks that are not easy to address.
RFID systems can be classified according to tag price, with distinction
between high-cost and low-cost tags. Our research work focuses mainly
on low-cost RFID tags. An initial study and analysis of the state of the
art identifies the need for lightweight cryptographic solutions suitable for
these very constrained devices. From a purely theoretical point of view,
standard cryptographic solutions may be a correct approach. However,
standard cryptographic primitives (hash functions, message authentication
codes, block/stream ciphers, etc.) are quite demanding in terms of circuit
size, power consumption and memory size, so they make costly solutions
for low-cost RFID tags. Lightweight cryptography is therefore a pressing
need.
First, we analyze the security of the EPC Class-1 Generation-2 standard,
which is considered the universal standard for low-cost RFID tags.
Secondly, we cryptanalyze two new proposals, showing their unsuccessful
attempt to increase the security level of the specification without much further
hardware demands. Thirdly, we propose a new protocol resistant to
passive attacks and conforming to low-cost RFID tag requirements. In this
protocol, costly computations are only performed by the reader, and security
related computations in the tag are restricted to very simple operations.
The protocol is inspired in the family of Ultralightweight Mutual Authentication
Protocols (UMAP: M2AP, EMAP, LMAP) and the recently proposed
SASI protocol. The thesis also includes the first published cryptanalysis of
xi
SASI under the weakest attacker model, that is, a passive attacker. Fourthly,
we propose a new protocol resistant to both passive and active attacks and
suitable for moderate-cost RFID tags. We adapt Shieh et.’s protocol for
smart cards, taking into account the unique features of RFID systems. Finally,
because this protocol is based on the use of cryptographic primitives
and standard cryptographic primitives are not supported, we address the
design of lightweight cryptographic primitives. Specifically, we propose
a lightweight hash function (Tav-128) and a lightweight Pseudo-Random
Number Generator (LAMED and LAMED-EPC).We analyze their security
level and performance, as well as their hardware requirements and show that both could be realistically implemented, even in low-cost RFID tags
New Secure IoT Architectures, Communication Protocols and User Interaction Technologies for Home Automation, Industrial and Smart Environments
Programa Oficial de Doutoramento en Tecnoloxías da Información e das Comunicacións en Redes Móbiles. 5029V01Tese por compendio de publicacións[Abstract]
The Internet of Things (IoT) presents a communication network where heterogeneous
physical devices such as vehicles, homes, urban infrastructures or industrial machinery
are interconnected and share data. For these communications to be successful, it is
necessary to integrate and embed electronic devices that allow for obtaining environmental
information (sensors), for performing physical actuations (actuators) as well as
for sending and receiving data (network interfaces).
This integration of embedded systems poses several challenges. It is needed for these
devices to present very low power consumption. In many cases IoT nodes are powered by
batteries or constrained power supplies. Moreover, the great amount of devices needed in
an IoT network makes power e ciency one of the major concerns of these deployments,
due to the cost and environmental impact of the energy consumption. This need for low
energy consumption is demanded by resource constrained devices, con
icting with the
second major concern of IoT: security and data privacy. There are critical urban and
industrial systems, such as tra c management, water supply, maritime control, railway
control or high risk industrial manufacturing systems such as oil re neries that will
obtain great bene ts from IoT deployments, for which non-authorized access can posse
severe risks for public safety. On the other hand, both these public systems and the
ones deployed on private environments (homes, working places, malls) present a risk for
the privacy and security of their users. These IoT deployments need advanced security
mechanisms, both to prevent access to the devices and to protect the data exchanged
by them.
As a consequence, it is needed to improve two main aspects: energy e ciency of IoT
devices and the use of lightweight security mechanisms that can be implemented by
these resource constrained devices but at the same time guarantee a fair degree of
security.
The huge amount of data transmitted by this type of networks also presents another
challenge. There are big data systems capable of processing large amounts of data,
but with IoT the granularity and dispersion of the generated information presents a
new scenario very di erent from the one existing nowadays. Forecasts anticipate that there will be a growth from the 15 billion installed devices in 2015 to more than 75
billion devices in 2025. Moreover, there will be much more services exploiting the data
produced by these networks, meaning the resulting tra c will be even higher. The
information must not only be processed in real time, but data mining processes will
have to be performed to historical data.
The main goal of this Ph.D. thesis is to analyze each one of the previously described
challenges and to provide solutions that allow for an adequate adoption of IoT in
Industrial, domestic and, in general, any scenario that can obtain any bene t from the
interconnection and
exibility that IoT brings.[Resumen]
La internet de las cosas (IoT o Internet of Things) representa una red de intercomunicaciones
en la que participan dispositivos físicos de toda índole, como vehículos,
viviendas, electrodomésticos, infraestructuras urbanas o maquinaria y dispositivos industriales.
Para que esta comunicación se pueda llevar a cabo es necesario integrar
elementos electr onicos que permitan obtener informaci on del entorno (sensores), realizar
acciones f sicas (actuadores) y enviar y recibir la informaci on necesaria (interfaces de
comunicaciones de red).
La integración y uso de estos sistemas electrónicos embebidos supone varios retos. Es
necesario que dichos dispositivos presenten un consumo reducido. En muchos casos
deberían ser alimentados por baterías o fuentes de alimentación limitadas. Además,
la gran cantidad de dispositivos que involucra la IoT hace necesario que la e ciencia
energética de los mismos sea una de las principales preocupaciones, por el coste e
implicaciones medioambientales que supone el consumo de electricidad de los mismos.
Esta necesidad de limitar el consumo provoca que dichos dispositivos tengan unas
prestaciones muy limitadas, lo que entra en conflicto con la segunda mayor preocupación
de la IoT: la seguridad y privacidad de los datos. Por un lado existen sistemas críticos
urbanos e industriales, como puede ser la regulación del tráfi co, el control del suministro
de agua, el control marítimo, el control ferroviario o los sistemas de producción industrial
de alto riesgo, como refi nerías, que son claros candidatos a benefi ciarse de la IoT, pero
cuyo acceso no autorizado supone graves problemas de seguridad ciudadana. Por otro
lado, tanto estos sistemas de naturaleza publica, como los que se desplieguen en entornos
privados (viviendas, entornos de trabajo o centros comerciales, entre otros) suponen
un riesgo para la privacidad y también para la seguridad de los usuarios. Todo esto
hace que sean necesarios mecanismos de seguridad avanzados, tanto de acceso a los
dispositivos como de protección de los datos que estos intercambian.
En consecuencia, es necesario avanzar en dos aspectos principales: la e ciencia energética de los dispositivos y el uso de mecanismos de seguridad e ficientes, tanto
computacional como energéticamente, que permitan la implantación de la IoT sin
comprometer la seguridad y la privacidad de los usuarios. Por otro lado, la ingente cantidad de información que estos sistemas puede llegar
a producir presenta otros dos retos que deben ser afrontados. En primer lugar, el
tratamiento y análisis de datos toma una nueva dimensión. Existen sistemas de big
data capaces de procesar cantidades enormes de información, pero con la internet de
las cosas la granularidad y dispersión de los datos plantean un escenario muy distinto
al actual. La previsión es pasar de 15.000.000.000 de dispositivos instalados en 2015
a más de 75.000.000.000 en 2025. Además existirán multitud de servicios que harán
un uso intensivo de estos dispositivos y de los datos que estos intercambian, por lo
que el volumen de tráfico será todavía mayor. Asimismo, la información debe ser
procesada tanto en tiempo real como a posteriori sobre históricos, lo que permite
obtener información estadística muy relevante en diferentes entornos.
El principal objetivo de la presente tesis doctoral es analizar cada uno de estos retos
(e ciencia energética, seguridad, procesamiento de datos e interacción con el usuario)
y plantear soluciones que permitan una correcta adopción de la internet de las cosas
en ámbitos industriales, domésticos y en general en cualquier escenario que se pueda
bene ciar de la interconexión y
flexibilidad de acceso que proporciona el IoT.[Resumo]
O internet das cousas (IoT ou Internet of Things) representa unha rede de intercomunicaci
óns na que participan dispositivos físicos moi diversos, coma vehículos, vivendas,
electrodomésticos, infraestruturas urbanas ou maquinaria e dispositivos industriais.
Para que estas comunicacións se poidan levar a cabo é necesario integrar elementos
electrónicos que permitan obter información da contorna (sensores), realizar accións
físicas (actuadores) e enviar e recibir a información necesaria (interfaces de comunicacións
de rede).
A integración e uso destes sistemas electrónicos integrados supón varios retos. En
primeiro lugar, é necesario que estes dispositivos teñan un consumo reducido. En
moitos casos deberían ser alimentados por baterías ou fontes de alimentación limitadas.
Ademais, a gran cantidade de dispositivos que se empregan na IoT fai necesario que a
e ciencia enerxética dos mesmos sexa unha das principais preocupacións, polo custo e
implicacións medioambientais que supón o consumo de electricidade dos mesmos. Esta
necesidade de limitar o consumo provoca que estes dispositivos teñan unhas prestacións
moi limitadas, o que entra en con
ito coa segunda maior preocupación da IoT: a
seguridade e privacidade dos datos. Por un lado existen sistemas críticos urbanos e
industriais, como pode ser a regulación do tráfi co, o control de augas, o control marítimo,
o control ferroviario ou os sistemas de produción industrial de alto risco, como refinerías,
que son claros candidatos a obter benefi cios da IoT, pero cuxo acceso non autorizado
supón graves problemas de seguridade cidadá. Por outra parte tanto estes sistemas de
natureza pública como os que se despreguen en contornas privadas (vivendas, contornas
de traballo ou centros comerciais entre outros) supoñen un risco para a privacidade e
tamén para a seguridade dos usuarios. Todo isto fai que sexan necesarios mecanismos
de seguridade avanzados, tanto de acceso aos dispositivos como de protección dos datos
que estes intercambian.
En consecuencia, é necesario avanzar en dous aspectos principais: a e ciencia enerxética
dos dispositivos e o uso de mecanismos de seguridade re cientes, tanto computacional
como enerxéticamente, que permitan o despregue da IoT sen comprometer a seguridade
e a privacidade dos usuarios.
Por outro lado, a inxente cantidade de información que estes sistemas poden chegar
a xerar presenta outros retos que deben ser tratados. O tratamento e a análise de
datos toma unha nova dimensión. Existen sistemas de big data capaces de procesar
cantidades enormes de información, pero coa internet das cousas a granularidade e
dispersión dos datos supón un escenario moi distinto ao actual. A previsión e pasar
de 15.000.000.000 de dispositivos instalados no ano 2015 a m ais de 75.000.000.000 de
dispositivos no ano 2025. Ademais existirían multitude de servizos que farían un uso
intensivo destes dispositivos e dos datos que intercambian, polo que o volume de tráfico
sería aínda maior. Do mesmo xeito a información debe ser procesada tanto en tempo
real como posteriormente sobre históricos, o que permite obter información estatística
moi relevante en diferentes contornas.
O principal obxectivo da presente tese doutoral é analizar cada un destes retos
(e ciencia enerxética, seguridade, procesamento de datos e interacción co usuario) e
propor solucións que permitan unha correcta adopción da internet das cousas en ámbitos
industriais, domésticos e en xeral en todo aquel escenario que se poda bene ciar da
interconexión e
flexibilidade de acceso que proporciona a IoT
Smart manufacturing: role of Internet of Things in process optimization
This research is primarily focused on process optimization in manufacturing field in business-to-business context. The study is an effort to point out the issues manufacturers face at their shop floor and it provides solutions for dealing with those issues. During the last decade the Internet of Things (IoT) has gained a lot of attention from both academia and practitioners. IoT emphasizes on the importance of physical objects transferring information by using both software and the Internet. Based on the global trends, nowadays, there is a clear requirement for companies to focus on how they can implement IoT in order to facilitate their businesses and create new business and market opportunities. IoT is able to connect various things and objects around us which are able to interact with each other. In other words, IoT technologies not only connect a particular industrial system or supply chain, but also connects stakeholders and end-customers.
The goal of the thesis is to discuss IoT technologies and elaborate on how they are implemented in manufacturing processes. One empirical case study on IoT applications in shop floors and production lines carried out. Two cases were selected based on being a pioneer in implementing IoT technologies into manufacturing and highly optimized production at targeted factories. The cases represent next generation of smart factories which IoT technologies and in particular RFID solutions play an important role. A qualitative document analysis was conducted. The topic of this research is relatively new and therefore majority of references used for this paper are from 2014 onwards. Data were collected from public, non-confidential information sources including press releases, newspapers, articles and journals. The research approach was primarily descriptive with the focus on differences between previous production optimization technologies and IoT applications in use today.
The results of thesis demonstrates that IoT technologies bring transparency, traceability, adaptability, scalability and flexibility to the system. Therefore, the adoption of IoT has quite a few potential benefits, including improvement in cost and risk reduction, operational processes and value creation. This research also shows that using IoT technologies for their benefits is not an easy task for enterprises. Companies face many challenges on the way including layout changes in the factory’s shop floor, changes in the design of the products, security concerns and consumer privacy. Moreover, since the IoT is a recent development, different aspects of the IoT such as economical, managerial and industrial aspects need to be studied. And this makes companies hesitant to make decisions regarding the adoption of IoT
Towards end-to-end security in internet of things based healthcare
Healthcare IoT systems are distinguished in that they are designed to serve human beings, which primarily raises the requirements of security, privacy, and reliability. Such systems have to provide real-time notifications and responses concerning the status of patients. Physicians, patients, and other caregivers demand a reliable system in which the results are accurate and timely, and the service is reliable and secure. To guarantee these requirements, the smart components in the system require a secure and efficient end-to-end communication method between the end-points (e.g., patients, caregivers, and medical sensors) of a healthcare IoT system.
The main challenge faced by the existing security solutions is a lack of secure end-to-end communication. This thesis addresses this challenge by presenting a novel end-to-end security solution enabling end-points to securely and efficiently communicate with each other. The proposed solution meets the security requirements of a wide range of healthcare IoT systems while minimizing the overall hardware overhead of end-to-end communication. End-to-end communication is enabled by the holistic integration of the following contributions.
The first contribution is the implementation of two architectures for remote monitoring of bio-signals. The first architecture is based on a low power IEEE 802.15.4 protocol known as ZigBee. It consists of a set of sensor nodes to read data from various medical sensors, process the data, and send them wirelessly over ZigBee to a server node. The second architecture implements on an IP-based wireless sensor network, using IEEE 802.11 Wireless Local Area Network (WLAN). The system consists of a IEEE 802.11 based sensor module to access bio-signals from patients and send them over to a remote server. In both architectures, the server node collects the health data from several client nodes and updates a remote database. The remote webserver accesses the database and updates the webpage in real-time, which can be accessed remotely.
The second contribution is a novel secure mutual authentication scheme for Radio Frequency Identification (RFID) implant systems. The proposed scheme relies on the elliptic curve cryptography and the D-Quark lightweight hash design. The scheme consists of three main phases: (1) reader authentication and verification, (2) tag identification, and (3) tag verification. We show that among the existing public-key crypto-systems, elliptic curve is the optimal choice due to its small key size as well as its efficiency in computations. The D-Quark lightweight hash design has been tailored for resource-constrained devices.
The third contribution is proposing a low-latency and secure cryptographic keys generation approach based on Electrocardiogram (ECG) features. This is performed by taking advantage of the uniqueness and randomness properties of ECG's main features comprising of PR, RR, PP, QT, and ST intervals. This approach achieves low latency due to its reliance on reference-free ECG's main features that can be acquired in a short time. The approach is called Several ECG Features (SEF)-based cryptographic key generation.
The fourth contribution is devising a novel secure and efficient end-to-end security scheme for mobility enabled healthcare IoT. The proposed scheme consists of: (1) a secure and efficient end-user authentication and authorization architecture based on the certificate based Datagram Transport Layer Security (DTLS) handshake protocol, (2) a secure end-to-end communication method based on DTLS session resumption, and (3) support for robust mobility based on interconnected smart gateways in the fog layer.
Finally, the fifth and the last contribution is the analysis of the performance of the state-of-the-art end-to-end security solutions in healthcare IoT systems including our end-to-end security solution. In this regard, we first identify and present the essential requirements of robust security solutions for healthcare IoT systems. We then analyze the performance of the state-of-the-art end-to-end security solutions (including our scheme) by developing a prototype healthcare IoT system
Security of Ubiquitous Computing Systems
The chapters in this open access book arise out of the EU Cost Action project Cryptacus, the objective of which was to improve and adapt existent cryptanalysis methodologies and tools to the ubiquitous computing framework. The cryptanalysis implemented lies along four axes: cryptographic models, cryptanalysis of building blocks, hardware and software security engineering, and security assessment of real-world systems. The authors are top-class researchers in security and cryptography, and the contributions are of value to researchers and practitioners in these domains. This book is open access under a CC BY license
- …