SECURING TESLA BROADCAST PROTOCOL WITH DIFFIE- HELLMAN KEY EXCHANGE

ABSTRACT Broadcast communication is highly prone to attacks from unauthenticated users in the wireless medium. Techniques have been proposed to make the communication more secure. In this paper, TESLA broadcast protocol is used to ensure source authentication. Diffie-Hellman Key Exchange is used to share the cryptographic keys in a secured manner. A PKI is developed based on TESLA and Diffie-Hellman Key Exchange, assuming that all network nodes in the network are loosely synchronized in time

Tag Ownership Transfer in Radio Frequency Identification Systems: A Survey of Existing Protocols and Open Challenges

Radio frequency identification (RFID) is a modern approach to identify and track several assets at once in a supply chain environment. In many RFID applications, tagged items are frequently transferred from one owner to another. Thus, there is a need for secure ownership transfer (OT) protocols that can perform the transfer while, at the same time, protect the privacy of owners. Several protocols have been proposed in an attempt to fulfill this requirement. In this paper, we provide a comprehensive and systematic review of the RFID OT protocols that appeared over the years of 2005-2018. In addition, we compare these protocols based on the security goals which involve their support of OT properties and their resistance to attacks. From the presented comparison, we draw attention to the open issues in this field and provide suggestions for the direction that future research should follow. Furthermore, we suggest a set of guidelines to be considered in the design of new protocols. To the best of our knowledge, this is the first comprehensive survey that reviews the available OT protocols from the early start up to the current state of the art

Security protocols for EPC class-1 Gen-2 RFID multi-tag systems

The objective of the research is to develop security protocols for EPC C1G2 RFID Passive Tags in the areas of ownership transfer and grouping proof

Smart Wireless Sensor Networks

The recent development of communication and sensor technology results in the growth of a new attractive and challenging area - wireless sensor networks (WSNs). A wireless sensor network which consists of a large number of sensor nodes is deployed in environmental fields to serve various applications. Facilitated with the ability of wireless communication and intelligent computation, these nodes become smart sensors which do not only perceive ambient physical parameters but also be able to process information, cooperate with each other and self-organize into the network. These new features assist the sensor nodes as well as the network to operate more efficiently in terms of both data acquisition and energy consumption. Special purposes of the applications require design and operation of WSNs different from conventional networks such as the internet. The network design must take into account of the objectives of specific applications. The nature of deployed environment must be considered. The limited of sensor nodes� resources such as memory, computational ability, communication bandwidth and energy source are the challenges in network design. A smart wireless sensor network must be able to deal with these constraints as well as to guarantee the connectivity, coverage, reliability and security of network's operation for a maximized lifetime. This book discusses various aspects of designing such smart wireless sensor networks. Main topics includes: design methodologies, network protocols and algorithms, quality of service management, coverage optimization, time synchronization and security techniques for sensor networks

Alpenhorn: Bootstrapping Secure Communication without Leaking Metadata

Alpenhorn is the first system for initiating an encrypted connection between two users that provides strong privacy and forward secrecy guarantees for metadata (i.e., information about which users connected to each other) and that does not require out-of-band communication other than knowing the other user's Alpenhorn username (email address). This resolves a significant shortcoming in all prior works on private messaging, which assume an out-of-band key distribution mechanism. Alpenhorn's design builds on three ideas. First, Alpenhorn provides each user with an address book of friends that the user can call to establish a connection. Second, when a user adds a friend for the first time, Alpenhorn ensures the adversary does not learn the friend's identity, by using identity-based encryption in a novel wayto privately determine the friend's public key. Finally, when calling a friend, Alpenhorn ensures forward secrecy of metadata by storing pairwise shared secrets in friends' address books, and evolving them over time, using a new keywheel construction. Alpenhorn relies on a number of servers, but operates in an anytrust model, requiring just one of the servers to be honest. We implemented a prototype of Alpenhorn, and integrated it into the Vuvuzela private messaging system (which did not previously provide privacy or forward secrecy of metadata when initiating conversations). Experimental results show that Alpenhorn can scale to many users, supporting 10 million users on three Alpenhorn servers with an average call latency of 150 seconds and a client bandwidth overhead of 3.7 KB/sec

Secure and efficient data extraction for ubiquitous computing applications

Ubiquitous computing creates a world where computers have blended seamlessly into our physical environment. In this world, a computer is no longer a monitor-and-keyboard setup, but everyday objects such as our clothing and furniture. Unlike current computer systems, most ubiquitous computing systems are built using small, embedded devices with limited computational, storage and communication abilities. A common requirement for many ubiquitous computing applications is to utilize the data from these small devices to perform more complex tasks. For critical applications such as healthcare or medical related applications, there is a need to ensure that only authorized users have timely access to the data found in the small device. In this dissertation, we study the problem of how to securely and efficiently extract data from small devices.;Our research considers two categories of small devices that are commonly used in ubiquitous computing, battery powered sensors and battery free RFID tags. Sensors are more powerful devices equipped with storage and sensing capabilities that are limited by battery power, whereas tags are less powerful devices with limited functionalities, but have the advantage of being operable without battery power. We also consider two types of data access patterns, local and remote access. In local data access, the application will query the tag or the sensor directly for the data, while in remote access, the data is already aggregated at a remote location and the application will query the remote location for the necessary information, The difference between local and remote access is that in local access, the tag or sensor only needs to authenticate the application before releasing the data, but in remote access, the small device may have to perform additional processing to ensure that the data remains secure after being collected. In this dissertation, we present secure and efficient local data access solutions for a single RFID tag, multiple RFID tags, and a single sensor, and remote data access solutions for both RFID tag and sensor

ID-Based Key Agreement for WANETs

2013 - 2014The increasing interest about wireless ad hoc networks (WANETs) is due to some key features not owned by traditional networks such as nodes mobility, network self-organization and the ability to rely on infrastructure-less setup. WANETs can be used in many application scenarios such as health care, environmental monitoring, military and many others commercial applications. Unfortunately, the open nature of the communication channel exposes WANETs to a great number of security threats (e.g. jamming, eavesdropping, node replication, unfairness, wormhole, packet injection). The security of WANETs hinges on node authentication, which by mean of Cryptography can be obtained through key distribution mechanisms. Moreover, WANET applications often require the establishment of session keys, that will be used for encryption, message authentication and others cryptographic purposes. In this thesis we present a cryptographic framework for WANETs, named JIKA (Java framework for ID-based key agreement) which simulates a key generation center (KGC) and offers an ID-based key distribution service for signature schemes and key agreement protocols. Moreover, JIKA makes use of elliptic curve cryptography (ECC) which allows fast computations, small key size and short signatures of messages. It includes two new ID-based signature schemes (IBS-1 and IBS-2) which get shorter signatures, an ID-based two-party key agreement protocol (eFG) and two new group key agreement protocols (GKA v1 and GKA v2). GKA protocols are full-contributory and offer implicit key authentication through the ID-based signature schemes described above, at the cost of just two rounds... [edited by Author]XIII n.s