1,269 research outputs found
A novel security protocol for resolving addresses in the location/ID split architecture
The Locator/ID Separation Protocol (LISP) is a routing architecture that provides new semantics for IP addressing. In order to simplify routing operations and improve scalability in future Internet, the LISP uses two different numbering spaces to separate the device identifier from its location. In other words, the LISP separates the 'where' and the 'who' in networking and uses a mapping system to couple the location and identifier. This paper analyses the security and functionality of the LISP mapping procedure using a formal methods approach based on Casper/FDR tool. The analysis points out several security issues in the protocol such as the lack of data confidentiality and mutual authentication. The paper addresses these issues and proposes changes that are
compatible with the implementation of the LISP
The Meeting of Acquaintances: A Cost-efficient Authentication Scheme for Light-weight Objects with Transient Trust Level and Plurality Approach
Wireless sensor networks consist of a large number of distributed sensor
nodes so that potential risks are becoming more and more unpredictable. The new
entrants pose the potential risks when they move into the secure zone. To build
a door wall that provides safe and secured for the system, many recent research
works applied the initial authentication process. However, the majority of the
previous articles only focused on the Central Authority (CA) since this leads
to an increase in the computation cost and energy consumption for the specific
cases on the Internet of Things (IoT). Hence, in this article, we will lessen
the importance of these third parties through proposing an enhanced
authentication mechanism that includes key management and evaluation based on
the past interactions to assist the objects joining a secured area without any
nearby CA. We refer to a mobility dataset from CRAWDAD collected at the
University Politehnica of Bucharest and rebuild into a new random dataset
larger than the old one. The new one is an input for a simulated authenticating
algorithm to observe the communication cost and resource usage of devices. Our
proposal helps the authenticating flexible, being strict with unknown devices
into the secured zone. The threshold of maximum friends can modify based on the
optimization of the symmetric-key algorithm to diminish communication costs
(our experimental results compare to previous schemes less than 2000 bits) and
raise flexibility in resource-constrained environments.Comment: 27 page
- ā¦